Description

Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.

Remediation

References

CVE-2002-2272

Related Vulnerabilities

Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.7)

WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.8)

Oracle Database Server CVE-2011-0830 Vulnerability (CVE-2011-0830)

WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (4.1.7.3.2)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1829)

Severity

High

Classification

CVE-2002-2272 CWE-119

Tags

Missing Update Known Vulnerabilities