Lucene search

PRIOn knowledge basePRION:CVE-2014-0075

HistoryMay 31, 2014 - 11:17 a.m.

Integer overflow

2014-05-3111:17:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

CPENameOperatorVersion
tomcateq7.0.2 beta
tomcateq7.0.49
tomcateq7.0.12
tomcateq7.0.20
tomcateq7.0.34
tomcateq7.0.8
tomcateq7.0.1
tomcateq7.0.2
tomcateq7.0.5
tomcateq7.0.4 beta

Name	Operator	Version
tomcat	eq	7.0.2 beta
tomcat	eq	7.0.49
tomcat	eq	7.0.12
tomcat	eq	7.0.20
tomcat	eq	7.0.34
tomcat	eq	7.0.8
tomcat	eq	7.0.1
tomcat	eq	7.0.2
tomcat	eq	7.0.5
tomcat	eq	7.0.4 beta

Rows per page:

1-10 of 1071

References

advisories.mageia.org/MGASA-2014-0268.html

linux.oracle.com/errata/ELSA-2014-0865.html

rhn.redhat.com/errata/RHSA-2015-0675.html

rhn.redhat.com/errata/RHSA-2015-0720.html

rhn.redhat.com/errata/RHSA-2015-0765.html

seclists.org/fulldisclosure/2014/Dec/23

secunia.com/advisories/59121

secunia.com/advisories/59616

secunia.com/advisories/59678

secunia.com/advisories/59732

secunia.com/advisories/59835

secunia.com/advisories/59849

secunia.com/advisories/59873

secunia.com/advisories/60729

secunia.com/advisories/60793

svn.apache.org/viewvc?view=revision&revision=1578337

svn.apache.org/viewvc?view=revision&revision=1578341

svn.apache.org/viewvc?view=revision&revision=1579262

tomcat.apache.org/security-6.html

tomcat.apache.org/security-7.html

tomcat.apache.org/security-8.html

www-01.ibm.com/support/docview.wss?uid=swg21678231

www-01.ibm.com/support/docview.wss?uid=swg21680603

www-01.ibm.com/support/docview.wss?uid=swg21681528

www.debian.org/security/2016/dsa-3447

www.debian.org/security/2016/dsa-3530

www.mandriva.com/security/advisories?name=MDVSA-2015:052

www.mandriva.com/security/advisories?name=MDVSA-2015:053

www.mandriva.com/security/advisories?name=MDVSA-2015:084

www.novell.com/support/kb/doc.php?id=7010166

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.securityfocus.com/archive/1/534161/100/0/threaded

www.securityfocus.com/bid/67671

www.vmware.com/security/advisories/VMSA-2014-0012.html

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html

marc.info/?l=bugtraq&m=141017844705317&w=2

marc.info/?l=bugtraq&m=141390017113542&w=2

marc.info/?l=bugtraq&m=144498216801440&w=2