Back to search

ELSA-2012-0474 Moderate: Oracle Linux 5 tomcat5 security update

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:N/A:P) February 18, 2011 May 02, 2012 March 19, 2014

Available Exploits 

Description

Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

Related Vulnerabilities