CVE-2014-0075 (retired)

Priority
Description
Integer overflow in the parseChunkHeader function in
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache
Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote
attackers to cause a denial of service (resource consumption) via a
malformed chunk size in chunked transfer coding of a request during the
streaming of data.
Assigned-to
mdeslaur
Package
Upstream:released (6.0.41-1)
Ubuntu 12.04 ESM (Precise Pangolin):released (6.0.35-1ubuntu3.5)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (6.0.41-1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Patches:
Upstream:http://svn.apache.org/viewvc?view=revision&revision=1579262
Package
Upstream:released (7.0.53-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (7.0.53-1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (7.0.53-1)
Patches:
Upstream:http://svn.apache.org/viewvc?view=revision&revision=1578341
Package
Upstream:released (8.0.5-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (8.0.9-1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (8.0.9-1)
More Information

Updated: 2019-09-19 15:46:57 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)