5
CVSSv2

CVE-2011-3375

Published: 19/01/2012 Updated: 21/11/2024

Vulnerability Summary

Apache Tomcat 6.0.30 up to and including 6.0.33 and 7.x prior to 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote malicious users to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.

Vulnerable Product Search on Vulmon Subscribe to Product

apache tomcat 6.0.30

apache tomcat 6.0.31

apache tomcat 6.0.32

apache tomcat 6.0.33

apache tomcat 7.0.0

apache tomcat 7.0.1

apache tomcat 7.0.2

apache tomcat 7.0.3

apache tomcat 7.0.4

apache tomcat 7.0.5

apache tomcat 7.0.6

apache tomcat 7.0.7

apache tomcat 7.0.8

apache tomcat 7.0.9

apache tomcat 7.0.10

apache tomcat 7.0.11

apache tomcat 7.0.12

apache tomcat 7.0.13

apache tomcat 7.0.14

apache tomcat 7.0.15

apache tomcat 7.0.16

apache tomcat 7.0.17

apache tomcat 7.0.18

apache tomcat 7.0.19

apache tomcat 7.0.20

apache tomcat 7.0.21

Vendor Advisories

Synopsis Moderate: tomcat6 security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated tomcat6 packages that fix multiple security issues and three bugsare now available for JBoss Enterprise Web Server 102 for Red HatEnterprise Linux 5 and 6The Red Hat Security Response Team has r ...
Tomcat could be made to crash or expose sensitive information if it received specially crafted network traffic ...