Multiple vulnerabilities in Apache Tomcat

Описание

Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and read arbitrary files. Below is a complete list of vulnerabilities

1. An integer overflow vulnerability can be exploited remotely via a specially designed request streaming or a specially designed HTTP header;
2. An improper XSLT restriction vulnerability can be exploited remotely via a specially designed web application;

Первичный источник обнаружения

• Apache bulletin
  

Связанные продукты

• Apache-Tomcat

Список CVE

• CVE-2014-0075
  critical
• CVE-2014-0096
  warning
• CVE-2014-0099
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com