CVE-2008-5519

The CVE refers to the mod_jk (JK Connector) for Apache Tomcat, affected in the 1.2.0–1.2.26 range. The root cause is an error in handling certain HTTP requests, enabling an attacker to obtain sensitive information via Content-Length-related scenarios (e.g., a request with Content-Length but no PO...

CVE-2007-6258

CVE-2007-6258 relates to multiple stack-based buffer overflows in legacy mod_jk2 (Apache module, versions 2.0.3-DEV and earlier). The vulnerability is exploitable via a long Host header or a Host header hostname, allowing a remote attacker to execute arbitrary code with the privileges of the Apac...