CVE Vulnerabilities

CVE-2014-0075

Published: May 31, 2014 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

Affected Software

Name Vendor Start Version End Version
Tomcat Apache 7.0.2 7.0.2
Tomcat Apache 7.0.49 7.0.49
Tomcat Apache 7.0.12 7.0.12
Tomcat Apache 7.0.20 7.0.20
Tomcat Apache 7.0.34 7.0.34
Tomcat Apache 7.0.8 7.0.8
Tomcat Apache 7.0.1 7.0.1
Tomcat Apache 7.0.2 7.0.2
Tomcat Apache 7.0.5 7.0.5
Tomcat Apache 7.0.4 7.0.4
Tomcat Apache 7.0.22 7.0.22
Tomcat Apache 7.0.39 7.0.39
Tomcat Apache 7.0.26 7.0.26
Tomcat Apache 7.0.46 7.0.46
Tomcat Apache 7.0.28 7.0.28
Tomcat Apache 7.0.0 7.0.0
Tomcat Apache 7.0.50 7.0.50
Tomcat Apache 7.0.6 7.0.6
Tomcat Apache 7.0.18 7.0.18
Tomcat Apache 7.0.14 7.0.14
Tomcat Apache 7.0.48 7.0.48
Tomcat Apache 7.0.11 7.0.11
Tomcat Apache 7.0.23 7.0.23
Tomcat Apache 7.0.0 7.0.0
Tomcat Apache 7.0.44 7.0.44
Tomcat Apache 7.0.7 7.0.7
Tomcat Apache 7.0.52 7.0.52
Tomcat Apache 7.0.42 7.0.42
Tomcat Apache 7.0.37 7.0.37
Tomcat Apache 7.0.29 7.0.29
Tomcat Apache 7.0.45 7.0.45
Tomcat Apache 7.0.13 7.0.13
Tomcat Apache 7.0.47 7.0.47
Tomcat Apache 7.0.41 7.0.41
Tomcat Apache 7.0.31 7.0.31
Tomcat Apache 7.0.30 7.0.30
Tomcat Apache 7.0.15 7.0.15
Tomcat Apache 7.0.19 7.0.19
Tomcat Apache 7.0.16 7.0.16
Tomcat Apache 7.0.10 7.0.10
Tomcat Apache 7.0.36 7.0.36
Tomcat Apache 7.0.25 7.0.25
Tomcat Apache 7.0.35 7.0.35
Tomcat Apache 7.0.43 7.0.43
Tomcat Apache 7.0.32 7.0.32
Tomcat Apache 7.0.38 7.0.38
Tomcat Apache 7.0.21 7.0.21
Tomcat Apache 7.0.27 7.0.27
Tomcat Apache 7.0.24 7.0.24
Tomcat Apache 7.0.17 7.0.17
Tomcat Apache 7.0.40 7.0.40
Tomcat Apache 7.0.9 7.0.9
Tomcat Apache 7.0.4 7.0.4
Tomcat Apache 7.0.3 7.0.3
Tomcat Apache 7.0.33 7.0.33

References