GHSA-H6C8-RG87-F3PC Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

[SECURITY] CVE-2011-1475 Apache Tomcat information disclosure

CVE-2011-1475 Apache Tomcat information disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.11 - Earlier versions are not affected Description: Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did...

CVE-2011-1475

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

Design/Logic Flaw

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

CVE-2011-1475

CVE-2011-1475 affects Apache Tomcat 7.0.x prior to 7.0.12. The HTTP BIO connector mishandles HTTP pipelining, allowing remote attackers to read responses intended for other clients by examining HTTP packet data, due to a mix-up of responses for requests from different users. Impact is information...

Apache Tomcat 7.0.x < 7.0.12 Multiple Vulnerabilities

Binary data 5882.pasl...

Fixed in Apache Tomcat 7.0.12

Important: Information disclosure CVE-2011-1475 Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did not fully account for HTTP pipelining. As a result, when using HTTP pipelining a range of unexpected behaviours occurred including the mixing up of respons...