Description

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.

Remediation

References

CVE-2012-4534

Related Vulnerabilities

WordPress Plugin WooCommerce Weight Based Shipping Cross-Site Request Forgery (5.4.1)

Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9578)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1441)

Dotclear Other Vulnerability (CVE-2005-3957)

Drupal Core 4.7.x Security Bypass (4.7.0 - 4.7.7)

Severity

Low

Classification

CVE-2012-4534

Tags

Missing Update Known Vulnerabilities