Description

Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.

Remediation

References

CVE-2002-2272

Related Vulnerabilities

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27422)

WordPress Plugin Team Members Unspecified Vulnerability (2.1.2)

WordPress Plugin GamePress-The Game Database Cross-Site Scripting (1.1.0)

Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-20166)

WordPress Plugin Qyrr-simply and modern QR-Code creation Cross-Site Scripting (0.6)

Severity

High

Classification

CVE-2002-2272 CWE-119

Tags

Missing Update Known Vulnerabilities