SecuritySpace - CVE-2012-2733

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID:	CVE-2012-2733
Description:	java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
Test IDs:	1.3.6.1.4.1.25623.1.0.72607 1.3.6.1.4.1.25623.1.0.802679 1.3.6.1.4.1.25623.1.1.4.2013.0226.1
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2733 BugTraq ID: 56402 http://www.securityfocus.com/bid/56402 HPdes Security Advisory: HPSBMU02873 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878 HPdes Security Advisory: HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 HPdes Security Advisory: HPSBUX02866 http://marc.info/?l=bugtraq&m=136612293908376&w=2 HPdes Security Advisory: SSRT101139 http://marc.info/?l=bugtraq&m=136612293908376&w=2 HPdes Security Advisory: SSRT101182 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19218 http://www.securitytracker.com/id?1027729 http://secunia.com/advisories/51371 http://secunia.com/advisories/57126 SuSE Security Announcement: openSUSE-SU-2012:1700 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html SuSE Security Announcement: openSUSE-SU-2012:1701 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html SuSE Security Announcement: openSUSE-SU-2013:0147 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html http://www.ubuntu.com/usn/USN-1637-1