(RHSA-2011:0336) Important: tomcat5 security update

ID RHSA-2011:0336
Type redhat
Reporter RedHat
Modified 2017-09-08T12:09:59


Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Tomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476)

Users of Tomcat should upgrade to these updated packages, which contain a backported patch to correct this issue. Tomcat must be restarted for this update to take effect.