CVE-2014-0227 in Communications Policy Management
Resumen (Inglés)
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.
Be aware that VulDB is the high quality source for vulnerability data.
Reservar
2013-12-03
Divulgación
2015-02-15
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 92887 | Oracle Communications Policy Management Tomcat | 19 | No está definido | Arreglo oficial | CVE-2014-0227 |
| 69092 | Apache Tomcat HTTP | 19 | No probado | Arreglo oficial | CVE-2014-0227 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV