Vulnerability & Exploit Database

Back to search

Apache Tomcat: Important: Information disclosure (CVE-2011-1475)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:P/I:N/A:N) April 08, 2011 May 17, 2012 August 22, 2013

Description

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

apache-tomcat-upgrade-7_0_12

Related Vulnerabilities