CVE-2014-0227 in Communications Policy Managementinfo

Summary

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/03/2013

Disclosure

02/15/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
92887	Oracle Communications Policy Management Tomcat data processing	19	Not defined	Official fix	CVE-2014-0227
69092	Apache Tomcat HTTP data processing	19	Unproven	Official fix	CVE-2014-0227

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!