CVE-2006-7197

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the…

redhat·NVD-CWE-Other·Published 2007-04-25

CVSS

—

EPSS

0.08

KEV

Exploits

Vendor statements (1)

redhat.com

cve.orgen

220 chars

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.

OSV.deven

222 chars

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the `ajp_process_callback` in mod_jk, which allows remote attackers to read portions of sensitive memory.

GHSAen

222 chars

NVDes

267 chars

El conector AJP en Apache Tomcat 5.5.15 utiliza un longitud incorrecta para chunks, lo cual podría provocar una lectura más allá del límite del búfer en ajp_process_callback en mod_jk, lo cual podría permitir a atacantes remotos leer porciones de memoria sensibles.

CVE-2006-7197

Vendor statements (1)

CVSS metrics across sources