Published: 26/02/2009 Updated: 13/02/2023
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Summary

The doRead method in Apache Tomcat 4.1.32 up to and including 4.1.34 and 5.5.10 up to and including 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

apache tomcat 5.5.18

apache tomcat 5.5.12

apache tomcat 5.5.14

apache tomcat 5.5.10

apache tomcat 5.5.11

apache tomcat 5.5.20

apache tomcat 5.5.15

apache tomcat 4.1.33

apache tomcat 5.5.13

apache tomcat 5.5.16

apache tomcat 5.5.17

apache tomcat 5.5.19

apache tomcat 4.1.34

apache tomcat 4.1.32