Description
Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
Remediation
References
Related Vulnerabilities
OpenSSL Numeric Errors Vulnerability (CVE-2008-0891)
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41362)
phpBB CVE-2008-4125 Vulnerability (CVE-2008-4125)
e107 Other Vulnerability (CVE-2006-5786)
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1169)