Vulnerability & Exploit Database

Back to search

FreeBSD: tomcat -- Denial of Service (CVE-2012-2733)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:N/A:P) November 15, 2012 May 07, 2014 February 12, 2015

Description

java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

freebsd-upgrade-package-tomcat

Related Vulnerabilities