Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2002-12-30 21:00
Updated : 2017-07-28 18:29
NVD link : CVE-2002-2272
Mitre link : CVE-2002-2272
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
apache
- tomcat
- http_server