KLA10072
Multiple vulnerabilities in Apache Tomcat
Updated: 06/01/2019
Detect date
03/30/2014
Severity
Warning
Description

Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and read arbitrary files. Below is a complete list of vulnerabilities:

  1. An integer overflow vulnerability can be exploited remotely via specially crafted request streaming or a specially crafted HTTP header.
  2. An improper XSLT restriction vulnerability can be exploited remotely via a specially crafted web application.

Affected products

Apache Tomcat 7 versions 7.0.52 and earlier

Solution

Update to the latest version.

Original advisories

Apache bulletin

Impacts
DoS
SB
RLF
Related products
Apache Tomcat
CVE-IDS
CVE-2014-0075  5.0  Critical
CVE-2014-0096  4.3  Warning
CVE-2014-0099  4.3  Warning