Description

Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.

Remediation

References

CVE-2002-2272

Related Vulnerabilities

Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-36160)

b2evolution URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-22840)

Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6065)

WordPress Plugin WP VR-360 Panorama and Virtual Tour Builder For WordPress Cross-Site Request Forgery (8.2.7)

WordPress Plugin SMTP Mailer Cross-Site Request Forgery (1.0.6)

Severity

High

Classification

CVE-2002-2272 CWE-119

Tags

Missing Update Known Vulnerabilities