Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2012-2733

Published

11 years ago

Last Modified

6 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data..

CVSSv2.0 Score

Severity: Medium
Base Score: 5/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: None
Availability Impact: Partial
Integrity Impact: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:apache:tomcat:6.0.33:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.0:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.6:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.4:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.11:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.7:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.4:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.15:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.20:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.9:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.10:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.31:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.29:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.3:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.9:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.1:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.7:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.24:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.17:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.32:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.28:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.0:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.14:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.6:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.1:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.12:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.18:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.2:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.5:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.7:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.30:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.2:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.2:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.13:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.8:alpha::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.26:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.19:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.27:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.35:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.16:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:6.0.8:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.2:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.12:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.20:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.8:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.1:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.2:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.5:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.4:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.22:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.0:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.6:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.18:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.14:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.11:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.23:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.7:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.13:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.15:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.19:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.16:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.10:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.25:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.21:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.17:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.9:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.4:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.3:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2012-2733

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2012-2733

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References