NVD

Id
29034  
Name
CVE-2014-0099  
Description
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2014-05-31  
Modified Date
2017-01-06  
Seq
2014-0099  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
153276 29034 CVE-2014-0099 http://advisories.mageia.org/MGASA-2014-0268.html  View
153277 29034 CVE-2014-0099 http://linux.oracle.com/errata/ELSA-2014-0865.html  View
153278 29034 CVE-2014-0099 FEDORA-2015-2109  View
153279 29034 CVE-2014-0099 SSRT101681  View
153280 29034 CVE-2014-0099 HPSBUX03150  View
153281 29034 CVE-2014-0099 HPSBOV03503  View
153282 29034 CVE-2014-0099 RHSA-2015:0675  View
153283 29034 CVE-2014-0099 RHSA-2015:0720  View
153284 29034 CVE-2014-0099 RHSA-2015:0765  View
153285 29034 CVE-2014-0099 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities  View
153286 29034 CVE-2014-0099 59121  View
153287 29034 CVE-2014-0099 http://svn.apache.org/viewvc?view=revision&revision=1578812  View
153288 29034 CVE-2014-0099 http://svn.apache.org/viewvc?view=revision&revision=1578814  View
153289 29034 CVE-2014-0099 http://svn.apache.org/viewvc?view=revision&revision=1580473  View
153290 29034 CVE-2014-0099 http://tomcat.apache.org/security-6.html  View
153291 29034 CVE-2014-0099 http://tomcat.apache.org/security-7.html  View
153292 29034 CVE-2014-0099 http://tomcat.apache.org/security-8.html  View
153293 29034 CVE-2014-0099 http://www-01.ibm.com/support/docview.wss?uid=swg21678231  View
153294 29034 CVE-2014-0099 http://www-01.ibm.com/support/docview.wss?uid=swg21680603  View
153295 29034 CVE-2014-0099 http://www-01.ibm.com/support/docview.wss?uid=swg21681528  View
153296 29034 CVE-2014-0099 DSA-3447  View
153297 29034 CVE-2014-0099 DSA-3530  View
153298 29034 CVE-2014-0099 MDVSA-2015:052  View
153299 29034 CVE-2014-0099 MDVSA-2015:053  View
153300 29034 CVE-2014-0099 MDVSA-2015:084  View
153301 29034 CVE-2014-0099 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html  View
153302 29034 CVE-2014-0099 http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html  View
153303 29034 CVE-2014-0099 20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure  View
153304 29034 CVE-2014-0099 20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure  View
153305 29034 CVE-2014-0099 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities  View
153306 29034 CVE-2014-0099 67668  View
153307 29034 CVE-2014-0099 1030302  View
153308 29034 CVE-2014-0099 http://www.vmware.com/security/advisories/VMSA-2014-0012.html  View
153309 29034 CVE-2014-0099 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
13826 JVNDB-2014-002701 Apache Tomcat の java/org/apache/tomcat/util/buf/Ascii.java における整数オーバーフローの脆弱性 Apache Tomcat の java/org/apache/tomcat/util/buf/Ascii.java には、リバースプロキシの背後で動作する場合、整数オーバーフローの脆弱性が存在します。 CVE-2014-0099 67500 CVE-2014-0099 29034 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002701.html 2014-03-27 2016-11-22 View