2 matches found
CVE-2007-0774
CVE-2007-0774 describes a stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) of Apache Tomcat JK Web Server Connector’s mod_jk.so, affecting mod_jk versions 1.2.19 and 1.2.20 as used with Tomcat 4.1.34 and 5.5.20. The overflow is triggered by a long ...
CVE-2007-1860
CVE-2007-1860 affects the Apache Tomcat JK Web Server Connector (mod_jk) in 1.2.x before 1.2.23. The flaw arises because mod_jk decodes request URLs within Apache before passing them to Tomcat, enabling directory traversal through crafted URLs (e.g., double-encoded .. sequences via a JkMount pref...