Security Advisory

CVE-2012-2733

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-11-16 21:00:00

Last updated 2024-08-06 19:42:32

Assigner redhat

State PUBLISHED

Description

java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.

← Browse all CVEs View on cve.org ↗