Apache Tomcat JK Connector Buffer Overflow Vulnerability
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
A vulnerability in Apache Tomcat JK Connector could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to insufficient bounds checking by the affected software. An attacker could exploit this vulnerability by sending a crafted URI to a targeted virtual host. An exploit could trigger a buffer overflow condition that the attacker could leverage to execute arbitrary code or cause a DoS condition. Apache has confirmed the vulnerability and released software updates.