The doRead method in Apache Tomcat 4.1.32 up to and including 4.1.34 and 5.5.10 up to and including 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 5.5.18 |
||
apache tomcat 5.5.12 |
||
apache tomcat 5.5.14 |
||
apache tomcat 5.5.10 |
||
apache tomcat 5.5.11 |
||
apache tomcat 5.5.20 |
||
apache tomcat 5.5.15 |
||
apache tomcat 4.1.33 |
||
apache tomcat 5.5.13 |
||
apache tomcat 5.5.16 |
||
apache tomcat 5.5.17 |
||
apache tomcat 5.5.19 |
||
apache tomcat 4.1.34 |
||
apache tomcat 4.1.32 |