Detections
Analytics
CVE-2010-2227
medium
Description
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/60264
http://www.vupen.com/english/advisories/2010/3056
http://www.vupen.com/english/advisories/2010/2868
http://www.vupen.com/english/advisories/2010/1986
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.securityfocus.com/bid/41544
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/archive/1/512272/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2010-0583.html
http://www.redhat.com/support/errata/RHSA-2010-0582.html
http://www.redhat.com/support/errata/RHSA-2010-0581.html
http://www.redhat.com/support/errata/RHSA-2010-0580.html
http://www.novell.com/support/viewContent.do?externalId=7007275
http://www.novell.com/support/viewContent.do?externalId=7007274
http://www.mandriva.com/security/advisories?name=MDVSA-2010:177
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
http://www.debian.org/security/2011/dsa-2207
http://tomcat.apache.org/security-7.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-5.html
http://svn.apache.org/viewvc?view=revision&revision=959428
http://svn.apache.org/viewvc?view=revision&revision=958977
http://svn.apache.org/viewvc?view=revision&revision=958911
http://support.apple.com/kb/HT5002
http://securitytracker.com/id?1024180
http://secunia.com/advisories/57126
http://secunia.com/advisories/44183
http://secunia.com/advisories/43310
http://secunia.com/advisories/42454
http://secunia.com/advisories/42368
http://secunia.com/advisories/42079
http://secunia.com/advisories/41025
http://secunia.com/advisories/40813
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://marc.info/?l=bugtraq&m=129070310906557&w=2
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://geronimo.apache.org/22x-security-report.html
http://geronimo.apache.org/21x-security-report.html