Description
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.
Remediation
References
Related Vulnerabilities
MediaWiki Other Vulnerability (CVE-2012-5395)
WordPress Plugin QIWI payment module for Woocommerce Cross-Site Scripting (0.0.9)
WordPress Plugin TemplatesNext ToolKit Cross-Site Scripting (3.2.7)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.38)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) Unspecified Vulnerability (4.8)