Apache Tomcat 7.0.0 up to and including 7.0.6 and 6.0.0 up to and including 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote malicious users to cause a denial of service (OutOfMemoryError) via a crafted request.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache tomcat 7.0.1 |
||
apache tomcat 7.0.2 |
||
apache tomcat 7.0.5 |
||
apache tomcat 7.0.0 |
||
apache tomcat 7.0.6 |
||
apache tomcat 7.0.4 |
||
apache tomcat 7.0.3 |
||
apache tomcat 6.0.6 |
||
apache tomcat 6.0.11 |
||
apache tomcat 6.0.7 |
||
apache tomcat 6.0.4 |
||
apache tomcat 6.0.15 |
||
apache tomcat 6.0.20 |
||
apache tomcat 6.0.10 |
||
apache tomcat 6.0.29 |
||
apache tomcat 6.0.3 |
||
apache tomcat 6.0.9 |
||
apache tomcat 6.0.24 |
||
apache tomcat 6.0.17 |
||
apache tomcat 6.0.28 |
||
apache tomcat 6.0.0 |
||
apache tomcat 6.0.14 |
||
apache tomcat 6.0.1 |
||
apache tomcat 6.0.12 |
||
apache tomcat 6.0.18 |
||
apache tomcat 6.0.5 |
||
apache tomcat 6.0.30 |
||
apache tomcat 6.0.2 |
||
apache tomcat 6.0.13 |
||
apache tomcat 6.0.26 |
||
apache tomcat 6.0.19 |
||
apache tomcat 6.0.27 |
||
apache tomcat 6.0.16 |
||
apache tomcat 6.0.8 |
Vulmon