Description

Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.

Remediation

References

CVE-2011-3375

Related Vulnerabilities

Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-9664)

WordPress Plugin Live Chat with Facebook Messenger Cross-Site Scripting (1.4.4)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15727)

WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0)

WordPress Plugin Gwolle Guestbook Multiple Vulnerabilities (2.1.0)

Severity

Medium

Classification

CVE-2011-3375 CWE-200

Tags

Missing Update Known Vulnerabilities