|
|
CVE Reference: CVE-2005-3164 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-3164 |
|
|
Description: The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages. |
|
|
CVE Status: Candidate |
|
|
References: SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 SAID Secunia Advisory: SA17019 Secunia Advisory: SA30802 Secunia Advisory: SA30908 Secunia Advisory: SA30899 MISC http://jvn.jp/jp/JVN%2379314822/index.html CONFIRM http://support.apple.com/kb/HT2163 http://tomcat.apache.org/security-4.html http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01-e.html BID 15003 APPLE http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html |
|
| Return to the previous page. |
