Skip to main content

CVE-2014-0075

Severity

7.5

Description

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

Mitigation

We recommend upgrading to a version of this component that is not vulnerable to this specific issue.

Project

Category
n/a
Tags
operational
Date Disclosed

2014-05-31

Date Discovered

2013-12-03

Apache Tomcat 8.0.x

First release:
2014-06-25
First release:
2018-06-30
0
Support Lifecycle:
Namespace:
javax

Apache TomEE 1.6.x

First release:
2013-11-17
0
Support Lifecycle:
Namespace:
javax

Apache TomEE 1.5.x

First release:
2012-09-28
0
Support Lifecycle:
Namespace:
javax

Apache TomEE 1.0.x

First release:
2012-04-27
0
Support Lifecycle:
Namespace:
javax
Feel Vulnerable? 

Contact us so we can help you.

* These fields are required.