CVE-2006-7197

Apache Tomcat Buffer Over-Read in maven/org.apache.tomcat/tomcat

Identifiers

GHSA-jpqr-vh55-xqxf, CVE-2006-7197

Package Slug

maven/org.apache.tomcat/tomcat

Vulnerability

Apache Tomcat Buffer Over-Read

Description

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajpprocesscallback in mod_jk, which allows remote attackers to read portions of sensitive memory.

Affected Versions

All versions up to 5.5.15

Solution

Unfortunately, there is no solution available yet.

Last Modified

2024-02-13

source