CVE-2014-0099

Published: May 31, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

Affected (107)

Products: Apache: Tomcat

Apache

1 product

Tomcat

Configuration A

46 vulnerable

Vulnerable Software	Affected Versions
Apache Tomcat	Up to 6.0.39
Apache Tomcat	Version 6.0.0
Apache Tomcat	Version 6.0.0 alpha
Apache Tomcat	Version 6.0.10
Apache Tomcat	Version 6.0.11
Apache Tomcat	Version 6.0.12
Apache Tomcat	Version 6.0.13
Apache Tomcat	Version 6.0.14
Apache Tomcat	Version 6.0.15
Apache Tomcat	Version 6.0.16
Apache Tomcat	Version 6.0.17
Apache Tomcat	Version 6.0.18
Apache Tomcat	Version 6.0.19
Apache Tomcat	Version 6.0.1
Apache Tomcat	Version 6.0.1 alpha
Apache Tomcat	Version 6.0.20
Apache Tomcat	Version 6.0.24
Apache Tomcat	Version 6.0.26
Apache Tomcat	Version 6.0.27
Apache Tomcat	Version 6.0.28
Apache Tomcat	Version 6.0.29
Apache Tomcat	Version 6.0.2
Apache Tomcat	Version 6.0.2 alpha
Apache Tomcat	Version 6.0.2 beta
Apache Tomcat	Version 6.0.30
Apache Tomcat	Version 6.0.31
Apache Tomcat	Version 6.0.32
Apache Tomcat	Version 6.0.33
Apache Tomcat	Version 6.0.35
Apache Tomcat	Version 6.0.36
Apache Tomcat	Version 6.0.37
Apache Tomcat	Version 6.0.3
Apache Tomcat	Version 6.0.4
Apache Tomcat	Version 6.0.4 alpha
Apache Tomcat	Version 6.0.5
Apache Tomcat	Version 6.0.6
Apache Tomcat	Version 6.0.6 alpha
Apache Tomcat	Version 6.0.7
Apache Tomcat	Version 6.0.7 alpha
Apache Tomcat	Version 6.0.7 beta
Apache Tomcat	Version 6.0.8
Apache Tomcat	Version 6.0.8 alpha
Apache Tomcat	Version 6.0.9
Apache Tomcat	Version 6.0.9 beta
Apache Tomcat	Version 6.0
Apache Tomcat	Version 6

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Apache Tomcat	Version 8.0.0 rc10
Apache Tomcat	Version 8.0.0 rc1
Apache Tomcat	Version 8.0.0 rc2
Apache Tomcat	Version 8.0.0 rc5
Apache Tomcat	Version 8.0.1
Apache Tomcat	Version 8.0.3

Configuration C

55 vulnerable

Vulnerable Software	Affected Versions
Apache Tomcat	Version 7.0.0
Apache Tomcat	Version 7.0.0 beta
Apache Tomcat	Version 7.0.10
Apache Tomcat	Version 7.0.11
Apache Tomcat	Version 7.0.12
Apache Tomcat	Version 7.0.13
Apache Tomcat	Version 7.0.14
Apache Tomcat	Version 7.0.15
Apache Tomcat	Version 7.0.16
Apache Tomcat	Version 7.0.17
Apache Tomcat	Version 7.0.18
Apache Tomcat	Version 7.0.19
Apache Tomcat	Version 7.0.1
Apache Tomcat	Version 7.0.20
Apache Tomcat	Version 7.0.21
Apache Tomcat	Version 7.0.22
Apache Tomcat	Version 7.0.23
Apache Tomcat	Version 7.0.24
Apache Tomcat	Version 7.0.25
Apache Tomcat	Version 7.0.26
Apache Tomcat	Version 7.0.27
Apache Tomcat	Version 7.0.28
Apache Tomcat	Version 7.0.29
Apache Tomcat	Version 7.0.2
Apache Tomcat	Version 7.0.2 beta
Apache Tomcat	Version 7.0.30
Apache Tomcat	Version 7.0.31
Apache Tomcat	Version 7.0.32
Apache Tomcat	Version 7.0.33
Apache Tomcat	Version 7.0.34
Apache Tomcat	Version 7.0.35
Apache Tomcat	Version 7.0.36
Apache Tomcat	Version 7.0.37
Apache Tomcat	Version 7.0.38
Apache Tomcat	Version 7.0.39
Apache Tomcat	Version 7.0.3
Apache Tomcat	Version 7.0.40
Apache Tomcat	Version 7.0.41
Apache Tomcat	Version 7.0.42
Apache Tomcat	Version 7.0.43
Apache Tomcat	Version 7.0.44
Apache Tomcat	Version 7.0.45
Apache Tomcat	Version 7.0.46
Apache Tomcat	Version 7.0.47
Apache Tomcat	Version 7.0.48
Apache Tomcat	Version 7.0.49
Apache Tomcat	Version 7.0.4
Apache Tomcat	Version 7.0.4 beta
Apache Tomcat	Version 7.0.50
Apache Tomcat	Version 7.0.52
Apache Tomcat	Version 7.0.5
Apache Tomcat	Version 7.0.6
Apache Tomcat	Version 7.0.7
Apache Tomcat	Version 7.0.8
Apache Tomcat	Version 7.0.9

Related CWEs

CWE-189

References (98)

http://advisories.mageia.org/MGASA-2014-0268.html

Source: secalert@redhat.com

http://linux.oracle.com/errata/ELSA-2014-0865.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html

Source: secalert@redhat.com

http://marc.info/?l=bugtraq&m=141017844705317&w=2

Source: secalert@redhat.com

http://marc.info/?l=bugtraq&m=141390017113542&w=2

Source: secalert@redhat.com

http://marc.info/?l=bugtraq&m=144498216801440&w=2

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2015-0675.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2015-0720.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2015-0765.html

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2014/Dec/23

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2014/May/138

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2014/May/140

Source: secalert@redhat.com

http://secunia.com/advisories/59121

Source: secalert@redhat.com

http://secunia.com/advisories/59678

Source: secalert@redhat.com

http://secunia.com/advisories/59732

Source: secalert@redhat.com

http://secunia.com/advisories/59835

Source: secalert@redhat.com

http://secunia.com/advisories/59849

Source: secalert@redhat.com

http://secunia.com/advisories/59873

Source: secalert@redhat.com

http://secunia.com/advisories/60729

Source: secalert@redhat.com

http://secunia.com/advisories/60793

Source: secalert@redhat.com

http://svn.apache.org/viewvc?view=revision&revision=1578812

Source: secalert@redhat.com

http://svn.apache.org/viewvc?view=revision&revision=1578814

Source: secalert@redhat.com

http://svn.apache.org/viewvc?view=revision&revision=1580473

Source: secalert@redhat.com

http://tomcat.apache.org/security-6.html

Source: secalert@redhat.com

Vendor Advisory

http://tomcat.apache.org/security-7.html

Source: secalert@redhat.com

Vendor Advisory

http://tomcat.apache.org/security-8.html

Source: secalert@redhat.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21678231

Source: secalert@redhat.com

http://www-01.ibm.com/support/docview.wss?uid=swg21680603

Source: secalert@redhat.com

http://www-01.ibm.com/support/docview.wss?uid=swg21681528

Source: secalert@redhat.com

http://www.debian.org/security/2016/dsa-3447

Source: secalert@redhat.com

http://www.debian.org/security/2016/dsa-3530

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2015:052

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2015:053

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

Source: secalert@redhat.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: secalert@redhat.com

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/532218/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/532221/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/67668

Source: secalert@redhat.com

http://www.securitytracker.com/id/1030302

Source: secalert@redhat.com

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: secalert@redhat.com

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

Source: secalert@redhat.com

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

Source: secalert@redhat.com

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

Source: secalert@redhat.com

http://advisories.mageia.org/MGASA-2014-0268.html