Skip to main content

CVE-2006-7197

Severity High
Score 7.8/10

Summary

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • COMPLETE
  • NONE

References

Advisory Timeline

  • Published