CVE
- Id
- 64269
- CVE No.
- CVE-2013-4322
- Status
- Candidate
- Description
- Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
- Phase
- Assigned (20130612)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 633957 | 64269 | CVE-2013-4322 | BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | View |
| 633958 | 64269 | CVE-2013-4322 | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | View |
| 633959 | 64269 | CVE-2013-4322 | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | View |
| 633960 | 64269 | CVE-2013-4322 | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | View |
| 633961 | 64269 | CVE-2013-4322 | CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=1521834 | View |
| 633962 | 64269 | CVE-2013-4322 | CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=1521864 | View |
| 633963 | 64269 | CVE-2013-4322 | CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=1549522 | View |
| 633964 | 64269 | CVE-2013-4322 | CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=1549523 | View |
| 633965 | 64269 | CVE-2013-4322 | CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=1556540 | View |
| 633966 | 64269 | CVE-2013-4322 | CONFIRM:http://tomcat.apache.org/security-6.html | View |
| 633967 | 64269 | CVE-2013-4322 | CONFIRM:http://tomcat.apache.org/security-7.html | View |
| 633968 | 64269 | CVE-2013-4322 | CONFIRM:http://tomcat.apache.org/security-8.html | View |
| 633969 | 64269 | CVE-2013-4322 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1069905 | View |
| 633970 | 64269 | CVE-2013-4322 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21667883 | View |
| 633971 | 64269 | CVE-2013-4322 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21675886 | View |
| 633972 | 64269 | CVE-2013-4322 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677147 | View |
| 633973 | 64269 | CVE-2013-4322 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21678113 | View |
| 633974 | 64269 | CVE-2013-4322 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21678231 | View |
| 633975 | 64269 | CVE-2013-4322 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | View |
| 633976 | 64269 | CVE-2013-4322 | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | View |
| 633977 | 64269 | CVE-2013-4322 | CONFIRM:http://advisories.mageia.org/MGASA-2014-0148.html | View |
| 633978 | 64269 | CVE-2013-4322 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | View |
| 633979 | 64269 | CVE-2013-4322 | CONFIRM:https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013 | View |
| 633980 | 64269 | CVE-2013-4322 | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0008.html | View |
| 633981 | 64269 | CVE-2013-4322 | DEBIAN:DSA-3530 | View |
| 633982 | 64269 | CVE-2013-4322 | URL:http://www.debian.org/security/2016/dsa-3530 | View |
| 633983 | 64269 | CVE-2013-4322 | HP:HPSBOV03503 | View |
| 633984 | 64269 | CVE-2013-4322 | URL:http://marc.info/?l=bugtraq&m=144498216801440&w=2 | View |
| 633985 | 64269 | CVE-2013-4322 | MANDRIVA:MDVSA-2015:052 | View |
| 633986 | 64269 | CVE-2013-4322 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:052 | View |
| 633987 | 64269 | CVE-2013-4322 | MANDRIVA:MDVSA-2015:084 | View |
| 633988 | 64269 | CVE-2013-4322 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:084 | View |
| 633989 | 64269 | CVE-2013-4322 | REDHAT:RHSA-2014:0686 | View |
| 633990 | 64269 | CVE-2013-4322 | URL:https://rhn.redhat.com/errata/RHSA-2014-0686.html | View |
| 633991 | 64269 | CVE-2013-4322 | BID:65767 | View |
| 633992 | 64269 | CVE-2013-4322 | URL:http://www.securityfocus.com/bid/65767 | View |
| 633993 | 64269 | CVE-2013-4322 | SECUNIA:59036 | View |
| 633994 | 64269 | CVE-2013-4322 | URL:http://secunia.com/advisories/59036 | View |
| 633995 | 64269 | CVE-2013-4322 | SECUNIA:59722 | View |
| 633996 | 64269 | CVE-2013-4322 | URL:http://secunia.com/advisories/59722 | View |
| 633997 | 64269 | CVE-2013-4322 | SECUNIA:59724 | View |
| 633998 | 64269 | CVE-2013-4322 | URL:http://secunia.com/advisories/59724 | View |
| 633999 | 64269 | CVE-2013-4322 | SECUNIA:59873 | View |
| 634000 | 64269 | CVE-2013-4322 | URL:http://secunia.com/advisories/59873 | View |
| 634001 | 64269 | CVE-2013-4322 | SECUNIA:59675 | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 22924 | JVNDB-2013-004499 | systemd におけるアクセス制限を回避される脆弱性 | systemd は、polkit authority との通信に D-Bus を適切に使用しないため、アクセス制限を回避される脆弱性が存在します。 | CVE-2013-4327 | 64269 | 4.6 | http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004499.html | View |
