CVE-2011-3375

Priority
Description
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly
perform certain caching and recycling operations involving request objects,
which allows remote attackers to obtain unintended read access to IP
address and HTTP header information in opportunistic circumstances by
reading TCP data.
Notes
 mdeslaur> advisory says Tomcat 6.0.30 to 6.0.33
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Package
Upstream:released (6.0.35)
Patches:
Upstream:http://svn.apache.org/viewvc?view=revision&revision=1185998
Package
Upstream:released (7.0.22)
More Information

Updated: 2019-03-19 12:00:39 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)