Apache Tomcat CVE-2014-0099 Numeric Errors Vulnerability

description-logoDescription

The code used to parse the request content length header did not check for overflow in the result. This exposed a request smuggling vulnerability when Tomcat was located behind a reverse proxy that correctly processed the content length header.

affected-products-logoAffected Applications

Apache Tomcat

CVE References

CVE-2014-0099