CVE-2016-6817
10.08.2017, 22:29
The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.
| Vendor | Product | Version |
|---|---|---|
| apache | tomcat | 8.5.0 |
| apache | tomcat | 8.5.1 |
| apache | tomcat | 8.5.2 |
| apache | tomcat | 8.5.3 |
| apache | tomcat | 8.5.4 |
| apache | tomcat | 8.5.5 |
| apache | tomcat | 8.5.6 |
| apache | tomcat | 9.0.0:milestone1 |
| apache | tomcat | 9.0.0:milestone10 |
| apache | tomcat | 9.0.0:milestone11 |
| apache | tomcat | 9.0.0:milestone2 |
| apache | tomcat | 9.0.0:milestone3 |
| apache | tomcat | 9.0.0:milestone4 |
| apache | tomcat | 9.0.0:milestone5 |
| apache | tomcat | 9.0.0:milestone6 |
| apache | tomcat | 9.0.0:milestone7 |
| apache | tomcat | 9.0.0:milestone8 |
| apache | tomcat | 9.0.0:milestone9 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
References