Lucene search

K

RedhatCVELIST:CVE-2011-1475

HistoryApr 08, 2011 - 3:00 p.m.

CVE-2011-1475

2011-04-0815:00:00

redhat

www.cve.org

1

4.1 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to “a mix-up of responses for requests from different users.”

References

seclists.org/fulldisclosure/2011/Apr/97

securityreason.com/securityalert/8188

svn.apache.org/viewvc?view=revision&revision=1086349

svn.apache.org/viewvc?view=revision&revision=1086352

tomcat.apache.org/security-7.html

www.securityfocus.com/archive/1/517363

www.securityfocus.com/bid/47199

www.securitytracker.com/id?1025303

www.vupen.com/english/advisories/2011/0894

exchange.xforce.ibmcloud.com/vulnerabilities/66676

issues.apache.org/bugzilla/show_bug.cgi?id=50957

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12374

4.1 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

Related for CVELIST:CVE-2011-1475

openvas4 securityvulns2 github1 cve1 ubuntucve1 prion1 nvd1 osv1 nessus4 tomcat1 gentoo1