Back to search
CVE-2014-0075
Published: May 31, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://svn.apache.org/viewvc?view=revision&revision=1578337
x_refsource_CONFIRM
http://advisories.mageia.org/MGASA-2014-0268.html
x_refsource_CONFIRM
http://www.novell.com/support/kb/doc.php?id=7010166
x_refsource_CONFIRM
59121
third-party-advisory
x_refsource_SECUNIA
RHSA-2015:0765
vendor-advisory
x_refsource_REDHAT
59732
third-party-advisory
x_refsource_SECUNIA
59835
third-party-advisory
x_refsource_SECUNIA
RHSA-2015:0675
vendor-advisory
x_refsource_REDHAT
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21681528
x_refsource_CONFIRM
MDVSA-2015:052
vendor-advisory
x_refsource_MANDRIVA
RHSA-2015:0720
vendor-advisory
x_refsource_REDHAT
59849
third-party-advisory
x_refsource_SECUNIA
http://linux.oracle.com/errata/ELSA-2014-0865.html
x_refsource_CONFIRM
MDVSA-2015:084
vendor-advisory
x_refsource_MANDRIVA
DSA-3530
vendor-advisory
x_refsource_DEBIAN
59678
third-party-advisory
x_refsource_SECUNIA
http://svn.apache.org/viewvc?view=revision&revision=1578341
x_refsource_CONFIRM
HPSBUX03102
vendor-advisory
x_refsource_HP
http://tomcat.apache.org/security-7.html
x_refsource_CONFIRM
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
mailing-list
x_refsource_BUGTRAQ
http://svn.apache.org/viewvc?view=revision&revision=1579262
x_refsource_CONFIRM
MDVSA-2015:053
vendor-advisory
x_refsource_MANDRIVA
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
x_refsource_CONFIRM
HPSBUX03150
vendor-advisory
x_refsource_HP
FEDORA-2015-2109
vendor-advisory
x_refsource_FEDORA
67671
vdb-entry
x_refsource_BID
http://tomcat.apache.org/security-8.html
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21678231
x_refsource_CONFIRM
59616
third-party-advisory
x_refsource_SECUNIA
http://tomcat.apache.org/security-6.html
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
x_refsource_CONFIRM
59873
third-party-advisory
x_refsource_SECUNIA
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
mailing-list
x_refsource_FULLDISC
HPSBOV03503
vendor-advisory
x_refsource_HP
SSRT101681
vendor-advisory
x_refsource_HP
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
x_refsource_CONFIRM
DSA-3447
vendor-advisory
x_refsource_DEBIAN
60729
third-party-advisory
x_refsource_SECUNIA
60793
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21680603
x_refsource_CONFIRM
[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now