Description
java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.
Remediation
References
Related Vulnerabilities
WordPress Plugin Navis DocumentCloud Cross-Site Scripting (0.1)
OpenSSL Improper Input Validation Vulnerability (CVE-2015-1787)
MODX Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1000207)
Oracle Database Server CVE-2012-0552 Vulnerability (CVE-2012-0552)
WordPress Plugin BuddyPress Multiple Vulnerabilities (9.0.0)