Description

Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.

Remediation

References

CVE-2011-0534

Related Vulnerabilities

WordPress Plugin Subscribe To Comments Reloaded Multiple Vulnerabilities (140204)

Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)

ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-0300)

WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Unspecified Vulnerability (15.0.0)

Vulnerable package dependencies [medium]

Severity

Medium

Classification

CVE-2011-0534

Tags

Missing Update Known Vulnerabilities