FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2014-0075

This CVE name corresponds to:

Entered: 2014-07-23
Topic: tomcat -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2014-0075
Phase: Assigned (20131203)

Description

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

References

Source Reference
BUGTRAQ 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
FULLDISC 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1578337
CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1578341
CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1579262
CONFIRM http://tomcat.apache.org/security-6.html
CONFIRM http://tomcat.apache.org/security-7.html
CONFIRM http://tomcat.apache.org/security-8.html
CONFIRM http://www.novell.com/support/kb/doc.php?id=7010166
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21678231
CONFIRM http://linux.oracle.com/errata/ELSA-2014-0865.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21680603
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21681528
CONFIRM http://www.vmware.com/security/advisories/VMSA-2014-0012.html
CONFIRM http://advisories.mageia.org/MGASA-2014-0268.html
DEBIAN DSA-3530
FEDORA FEDORA-2015-2109
HP HPSBUX03150
MANDRIVA MDVSA-2015:052
MANDRIVA MDVSA-2015:053
MANDRIVA MDVSA-2015:084
REDHAT RHSA-2015:0675
REDHAT RHSA-2015:0720
REDHAT RHSA-2015:0765
BID 67671
SECUNIA 59616
SECUNIA 59678
SECUNIA 59835
SECUNIA 59873
SECUNIA 59732
SECUNIA 59849
SECUNIA 60729
SECUNIA 60793