CVE-2008-3271

by Fred · 13/10/2008

Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.

Date published : 2008-10-13

http://www.securityfocus.com/bid/31698

http://www.securityfocus.com/archive/1/497220/100/0/threaded

CVE-2008-3271

Similar

Recent Posts

Categories

CVE-2008-3271

Share this:

Similar

Recent Posts

Categories

Tags