CVE
- Id: 53265
- CVE No.: CVE-2012-0022
- Status: Candidate
- Description: Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
- Phase: Assigned (20111207)
- Votes: None (candidate not yet proposed)
- Comments:
Related CVE References
Id | CVE Id | CVE No. | Reference | Actions |
---|---|---|---|---|
562803 | 53265 | CVE-2012-0022 | BUGTRAQ:20120117 [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service | View |
562804 | 53265 | CVE-2012-0022 | URL:http://archives.neohapsis.com/archives/bugtraq/2012-01/0112.html | View |
562805 | 53265 | CVE-2012-0022 | CONFIRM:http://tomcat.apache.org/security-5.html | View |
562806 | 53265 | CVE-2012-0022 | CONFIRM:http://tomcat.apache.org/security-6.html | View |
562807 | 53265 | CVE-2012-0022 | CONFIRM:http://tomcat.apache.org/security-7.html | View |
562808 | 53265 | CVE-2012-0022 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | View |
562809 | 53265 | CVE-2012-0022 | DEBIAN:DSA-2401 | View |
562810 | 53265 | CVE-2012-0022 | URL:http://www.debian.org/security/2012/dsa-2401 | View |
562811 | 53265 | CVE-2012-0022 | HP:HPSBUX02741 | View |
562812 | 53265 | CVE-2012-0022 | URL:http://marc.info/?l=bugtraq&m=132871655717248&w=2 | View |
562813 | 53265 | CVE-2012-0022 | HP:HPSBUX02860 | View |
562814 | 53265 | CVE-2012-0022 | URL:http://marc.info/?l=bugtraq&m=136485229118404&w=2 | View |
562815 | 53265 | CVE-2012-0022 | HP:SSRT101146 | View |
562816 | 53265 | CVE-2012-0022 | URL:http://marc.info/?l=bugtraq&m=136485229118404&w=2 | View |
562817 | 53265 | CVE-2012-0022 | HP:SSRT100728 | View |
562818 | 53265 | CVE-2012-0022 | URL:http://marc.info/?l=bugtraq&m=132871655717248&w=2 | View |
562819 | 53265 | CVE-2012-0022 | MANDRIVA:MDVSA-2013:150 | View |
562820 | 53265 | CVE-2012-0022 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | View |
562821 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0345 | View |
562822 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0345.html | View |
562823 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:1331 | View |
562824 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-1331.html | View |
562825 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0074 | View |
562826 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0074.html | View |
562827 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0075 | View |
562828 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0075.html | View |
562829 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0076 | View |
562830 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0076.html | View |
562831 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0077 | View |
562832 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0077.html | View |
562833 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0078 | View |
562834 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0078.html | View |
562835 | 53265 | CVE-2012-0022 | REDHAT:RHSA-2012:0325 | View |
562836 | 53265 | CVE-2012-0022 | URL:http://rhn.redhat.com/errata/RHSA-2012-0325.html | View |
562837 | 53265 | CVE-2012-0022 | BID:51447 | View |
562838 | 53265 | CVE-2012-0022 | URL:http://www.securityfocus.com/bid/51447 | View |
562839 | 53265 | CVE-2012-0022 | OVAL:oval:org.mitre.oval:def:16925 | View |
562840 | 53265 | CVE-2012-0022 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16925 | View |
562841 | 53265 | CVE-2012-0022 | OVAL:oval:org.mitre.oval:def:18934 | View |
562842 | 53265 | CVE-2012-0022 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:18934 | View |
562843 | 53265 | CVE-2012-0022 | SECUNIA:48213 | View |
562844 | 53265 | CVE-2012-0022 | URL:http://secunia.com/advisories/48213 | View |
562845 | 53265 | CVE-2012-0022 | SECUNIA:48790 | View |
562846 | 53265 | CVE-2012-0022 | URL:http://secunia.com/advisories/48790 | View |
562847 | 53265 | CVE-2012-0022 | SECUNIA:48791 | View |
562848 | 53265 | CVE-2012-0022 | URL:http://secunia.com/advisories/48791 | View |
562849 | 53265 | CVE-2012-0022 | SECUNIA:50863 | View |
562850 | 53265 | CVE-2012-0022 | URL:http://secunia.com/advisories/50863 | View |
562851 | 53265 | CVE-2012-0022 | XF:apache-tomcat-parameter-dos(72425) | View |
Related JVN
Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
---|---|---|---|---|---|---|---|---|---|
25315 | JVNDB-2012-001022 | Denial-of-service (daemon crash) vulnerability in the GOST ENGINE of OpenSSL | The GOST ENGINE in OpenSSL does not properly handle invalid parameters for the GOST block cipher, resulting in a denial-of-service (daemon crash) vulnerability. | CVE-2012-0027 | 53265 | 5 | http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001022.html | View |