7.8
CVSSv2

CVE-2006-7197

Published: 25/04/2007 Updated: 15/04/2019
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 765
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Summary

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote malicious users to read portions of sensitive memory.

Affected Products

Vendor Product Versions
ApacheTomcat5.5.15