The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote malicious users to read portions of sensitive memory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 5.5.15 |