Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2002-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-2272
Mitre link : CVE-2002-2272
CVE.ORG link : CVE-2002-2272
JSON object : View
Products Affected
apache
- http_server
- tomcat
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer