Description
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2015-4796 Vulnerability (CVE-2015-4796)
Internet Information Services Other Vulnerability (CVE-2006-6579)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1476)
WordPress Improper Input Validation Vulnerability (CVE-2013-5738)
MySQL Insufficiently Protected Credentials Vulnerability (CVE-2012-5627)