Description

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for requests from different users."

Remediation

References

CVE-2011-1475

Related Vulnerabilities

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2094)

PrestaShop CVE-2008-5791 Vulnerability (CVE-2008-5791)

MySQL CVE-2021-2088 Vulnerability (CVE-2021-2088)

WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.21)

WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65)

Severity

Medium

Classification

CVE-2011-1475 CWE-20

Tags

Missing Update Known Vulnerabilities