Vulnerability & Exploit Database

Back to search

Apache Tomcat: Important: Information disclosure (CVE-2011-1475)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:P/I:N/A:N) April 07, 2011 May 16, 2012 August 21, 2013

Description

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

apache-tomcat-upgrade-7_0_12

Related Vulnerabilities