CVE-2014-0227

NONECVSS 0.0

0.0

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.

🔗 References (70)

secalert@redhathttp://advisories.mageia.org/MGASA-2015-0081.html
secalert@redhathttp://archives.neohapsis.com/archives/bugtraq/2015-02/0067.html
secalert@redhathttp://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
secalert@redhathttp://marc.info/?l=bugtraq&m=143393515412274&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=143403519711434&w=2
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2015-0675.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2015-0720.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2015-0765.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2015-0983.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2015-0991.html
secalert@redhathttp://svn.apache.org/viewvc?view=revision&revision=1600984
secalert@redhathttp://tomcat.apache.org/security-6.html
secalert@redhathttp://tomcat.apache.org/security-7.html
secalert@redhathttp://tomcat.apache.org/security-8.html
secalert@redhathttp://www.debian.org/security/2016/dsa-3447

Is Your Infrastructure Affected by CVE-2014-0227?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2014-0227

📅 Published

🔄 Last Modified

🔗 References (70)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2014-0227?