Denial Of Service (DoS)

tomcat-util is vulnerable to denial of service DoS attacks. The attack exists due to not proper handling of overflow in the decodeHasArray function in UTF-8 decoder...

Directory Traversal

tomcat-util is vulnerable to directory traversal attacks. The vulnerability exists due to the ability to include ../, ..\, and ..%5C characters in the URL, allowing directory traversal attacks...

Session Hijacking

tomcat-util is vulnerable to session hijacking attacks. The vulnerability exists due to tomcat-util incorrectly treating single quotes as delimiters in cookies, allowing sensitive information such as session ID to be leaked. This issue is also CVE-2007-3385...

Replay Attack

tomcat-util is vulnerable to replay attacks. The vulnerability exists due to the improper handling of empty requests to the SSL port, allowing a duplicate copy of a recent request to be replayed...

Denial Of Service (DoS)

tomcat-util is vulnerable to denial of service DoS attacks. The attack exists due to not proper handling of overflow in the decodeHasArray function in UTF-8 decoder...