Apache Tomcat JK Connector

3月 9, 2007 Security
(Last Updated On: 2007年3月9日)


critical: Arbitary code execution and denial of service CVE-2007-0774

An unsafe memory copy in the URI handler for the native JK connector could result in a stackoverflow condition which could be leveraged to execute arbitary code or crash the web server.

Affects: JK 1.2.19-1.2.20
Source shipped with: Tomcat 4.1.34, 5.5.20

投稿者: yohgaki