Description

Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.

Remediation

References

CVE-2011-0534

Related Vulnerabilities

WordPress Plugin YITH Maintenance Mode Multiple Cross-Site Scripting Vulnerabilities (1.3.8)

WordPress Plugin Lara's Google Analytics Cross-Site Scripting (2.0.4)

MySQL CVE-2020-14821 Vulnerability (CVE-2020-14821)

OpenSSL DEPRECATED: Code Vulnerability (CVE-2015-0287)

Oracle Database Server CVE-2012-3146 Vulnerability (CVE-2012-3146)

Severity

Medium

Classification

CVE-2011-0534

Tags

Missing Update Known Vulnerabilities