KLA10072
Multiple vulnerabilities in Apache Tomcat
Обновлено: 17/06/2019
Дата обнаружения
30/03/2014
Уровень угрозы
Warning
Описание

Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and read arbitrary files. Below is a complete list of vulnerabilities

  1. An integer overflow vulnerability can be exploited remotely via a specially designed request streaming or a specially designed HTTP header;
  2. An improper XSLT restriction vulnerability can be exploited remotely via a specially designed web application;
Пораженные продукты

Apache Tomcat 7 versions 7.0.52 and earlier

Решение

Update to latest version

Первичный источник обнаружения
Apache bulletin
Оказываемое влияние
?
DoS 
[?]

SB 
[?]

RLF 
[?]
Связанные продукты
Apache Tomcat
CVE-IDS
CVE-2014-00755.0Critical
CVE-2014-00964.3Warning
CVE-2014-00994.3Warning