7.8
CVSSv2

CVE-2002-2272

CVSSv4: NA | CVSSv3: NA | CVSSv2: 7.8 | VMScore: 880 | EPSS: 0.01228 | KEV: Not Included
Published: 31/12/2002 Updated: 20/11/2024

Vulnerability Summary

Tomcat 4.0 up to and including 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 up to and including 1.3.27, allows remote malicious users to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 1.3

apache http server 1.3.0

apache http server 1.3.1

apache http server 1.3.2

apache http server 1.3.10

apache http server 1.3.11

apache http server 1.3.12

apache http server 1.3.13

apache http server 1.3.14

apache http server 1.3.15

apache http server 1.3.16

apache http server 1.3.17

apache http server 1.3.18

apache http server 1.3.19

apache http server 1.3.20

apache http server 1.3.22

apache http server 1.3.23

apache http server 1.3.24

apache http server 1.3.25

apache http server 1.3.26

apache http server 1.3.27

apache tomcat 4.0.0

apache tomcat 4.0.1

apache tomcat 4.0.2

apache tomcat 4.0.3

apache tomcat 4.0.4

apache tomcat 4.0.5

apache tomcat 4.0.6

apache tomcat 4.1.0

apache tomcat 4.1.1

apache tomcat 4.1.2

apache tomcat 4.1.3

apache tomcat 4.1.9

apache tomcat 4.1.10

apache tomcat 4.1.12

Exploits

source: wwwsecurityfocuscom/bid/6320/info Apache Webserver and Tomcat are HTTP servers maintained and distributed by the Apache project Apache Webserver and Tomcat are available for the Unix, Linux, and Microsoft Windows platforms It has been reported that a denial of service exists in Apache Webserver and Tomcat when mod_jk is used D ...