Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.

OSVersionArchitecturePackageVersionFilename
Debian9alltomcat7< 7.0.75-1tomcat7_7.0.75-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	all	tomcat7	< 7.0.75-1	tomcat7_7.0.75-1_all.deb

nessus 14

cvelist 1

nvd 1

securityvulns 4

github 1

openvas 11

seebug 2

ubuntucve 1

osv 2

prion 1

cve 1

tomcat 2

ubuntu 1

redhat 2

vmware 2

debian 1

ibm 2

gentoo 1

nessus

Oracle Solaris Third-Party Patch Update : tomcat (cve_2011_3375_information_disclosure)

2015-01-19 00:00:00

Apache Tomcat 7.0.0 < 7.0.22 multiple vulnerabilities

2011-12-12 00:00:00

Apache Tomcat 7.0.x < 7.0.22 Multiple Vulnerabilities

2012-02-22 00:00:00

cvelist

CVE-2011-3375

2012-01-19 02:00:00

nvd

CVE-2011-3375

2012-01-19 04:01:16

securityvulns

[SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure

2012-01-20 00:00:00

Apache Tomcat security vulnerabilities

2012-01-20 00:00:00

VMSA-20120005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues

2012-03-20 00:00:00

github

Apache Tomcat Exposes IP Addresses and HTTP Headers of Requests

2022-05-17 05:33:28

openvas

Apache Tomcat Request Object Security Bypass Vulnerability - Windows

2012-01-20 00:00:00

Apache Tomcat 7.0.x < 7.0.22 Multiple Vulnerabilities - Linux

2021-10-29 00:00:00

Ubuntu: Security Advisory (USN-1359-1)

2012-02-21 00:00:00

seebug

Apache Tomcat请求对象安全限制绕过漏洞

2012-02-04 00:00:00

Apache Tomcat Request Information Disclosure

2012-01-18 00:00:00

ubuntucve

CVE-2011-3375

2012-01-18 00:00:00

osv

Apache Tomcat Exposes IP Addresses and HTTP Headers of Requests

2022-05-17 05:33:28

tomcat6 - several

2012-02-02 00:00:00

prion

Design/Logic Flaw

2012-01-19 04:01:00

cve

CVE-2011-3375

2012-01-19 04:01:16

tomcat

Fixed in Apache Tomcat 7.0.22

2011-10-01 00:00:00

Fixed in Apache Tomcat 6.0.35

2011-12-05 00:00:00

ubuntu

Tomcat vulnerabilities

2012-02-13 00:00:00

redhat

(RHSA-2012:0682) Moderate: tomcat6 security and bug fix update

2012-05-21 00:00:00

(RHSA-2012:0681) Moderate: tomcat6 security and bug fix update

2012-05-21 16:31:40

vmware

VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues

2012-03-15 00:00:00

VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issues

2012-03-15 00:00:00

debian

[SECURITY] [DSA 2401-1] tomcat6 security update

2012-02-02 19:29:50

ibm

Security Bulletin: Storwize V7000 Unified V1.3.2.3 and V1.4.0.0 Include Fixes for Multiple Vendor Security Vulnerabilities

2022-09-26 04:23:14

Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities

2022-09-26 04:23:14

gentoo

Apache Tomcat: Multiple vulnerabilities

2012-06-24 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.003 Low

EPSS

Percentile

65.2%

JSON

Related for DEBIANCVE:CVE-2011-3375