Back to search
CVE-2010-2227
Published: Jul 13, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.novell.com/support/viewContent.do?externalId=7007274
x_refsource_CONFIRM
20100709 [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability
mailing-list
x_refsource_BUGTRAQ
42079
third-party-advisory
x_refsource_SECUNIA
DSA-2207
vendor-advisory
x_refsource_DEBIAN
HPSBUX02860
vendor-advisory
x_refsource_HP
http://www.novell.com/support/viewContent.do?externalId=7007275
x_refsource_CONFIRM
MDVSA-2010:177
vendor-advisory
x_refsource_MANDRIVA
ADV-2010-3056
vdb-entry
x_refsource_VUPEN
43310
third-party-advisory
x_refsource_SECUNIA
RHSA-2010:0581
vendor-advisory
x_refsource_REDHAT
41544
vdb-entry
x_refsource_BID
http://tomcat.apache.org/security-7.html
x_refsource_CONFIRM
FEDORA-2010-16270
vendor-advisory
x_refsource_FEDORA
ADV-2010-1986
vdb-entry
x_refsource_VUPEN
http://svn.apache.org/viewvc?view=revision&revision=959428
x_refsource_CONFIRM
44183
third-party-advisory
x_refsource_SECUNIA
RHSA-2010:0580
vendor-advisory
x_refsource_REDHAT
41025
third-party-advisory
x_refsource_SECUNIA
FEDORA-2010-16248
vendor-advisory
x_refsource_FEDORA
http://geronimo.apache.org/22x-security-report.html
x_refsource_CONFIRM
40813
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2011-10-12-3
vendor-advisory
x_refsource_APPLE
MDVSA-2010:176
vendor-advisory
x_refsource_MANDRIVA
42368
third-party-advisory
x_refsource_SECUNIA
http://tomcat.apache.org/security-6.html
x_refsource_CONFIRM
57126
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
x_refsource_CONFIRM
oval:org.mitre.oval:def:18532
vdb-entry
signature
x_refsource_OVAL
1024180
vdb-entry
x_refsource_SECTRACK
SUSE-SR:2010:017
vendor-advisory
x_refsource_SUSE
http://svn.apache.org/viewvc?view=revision&revision=958911
x_refsource_CONFIRM
http://tomcat.apache.org/security-5.html
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
HPSBUX02579
vendor-advisory
x_refsource_HP
tomcat-transferencoding-dos(60264)
vdb-entry
x_refsource_XF
http://support.apple.com/kb/HT5002
x_refsource_CONFIRM
RHSA-2010:0582
vendor-advisory
x_refsource_REDHAT
ADV-2010-2868
vdb-entry
x_refsource_VUPEN
SSRT101146
vendor-advisory
x_refsource_HP
http://geronimo.apache.org/21x-security-report.html
x_refsource_CONFIRM
42454
third-party-advisory
x_refsource_SECUNIA
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
mailing-list
x_refsource_BUGTRAQ
SSRT100203
vendor-advisory
x_refsource_HP
HPSBST02955
vendor-advisory
x_refsource_HP
http://svn.apache.org/viewvc?view=revision&revision=958977
x_refsource_CONFIRM
RHSA-2010:0583
vendor-advisory
x_refsource_REDHAT
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now