CVE-2013-4322 in Oracle Communications Policy Managementinfo

Summary

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.

Reservation

06/12/2013

Disclosure

02/26/2014

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
92852	Oracle Communications Policy Management Tomcat input validation	20	Not defined	Official fix	CVE-2013-4322
12518	Apache Tomcat HTTP Header input validation	20	Unproven	Official fix	CVE-2013-4322

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!