Lucene search

K
mageiaGentoo FoundationMGASA-2015-0081
HistoryFeb 19, 2015 - 7:37 p.m.

Updated tomcat packages fix CVE-2014-0227

2015-02-1919:37:50
Gentoo Foundation
advisories.mageia.org
16

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

EPSS

0.948

Percentile

99.3%

Updated tomcat packages fix security vulnerability: In Apache Tomcat 7.x before 7.0.55, it was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request (CVE-2014-0227).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchtomcat< 7.0.59-1tomcat-7.0.59-1.mga4

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

EPSS

0.948

Percentile

99.3%