Description

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.

Remediation

References

CVE-2012-4534

Related Vulnerabilities

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-6291)

Drupal Core 8.9.x Remote Code Execution (8.9.0 - 8.9.9)

Oracle Application Server CVE-2008-0347 Vulnerability (CVE-2008-0347)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4539)

WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (1.0.61)

Severity

Low

Classification

CVE-2012-4534

Tags

Missing Update Known Vulnerabilities