CVE-2010-2227
published 2010-07-13

Priority: P3 (52), medium
CVSS 2.0: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
EXPLOIT
EPSS: 54.78% (98.9th percentile)
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."

Affected

60 ranges · showing 25

Vendor: apache · Product: tomcat (the version range and fixed-in columns are not present in this extract; the affected versions are those given in the description above)

Detection & IOCs (extracted from sources)

Indicator (other): Transfer-Encoding: [invalid value]
  • Detect HTTP requests containing an invalid/malformed Transfer-Encoding header sent to Apache Tomcat; such requests can trigger buffer recycling issues leading to information disclosure or DoS.
  • Exploitation risk is reduced when Tomcat is placed behind a reverse proxy, as the proxy should reject the invalid Transfer-Encoding header before it reaches Tomcat.
  • Monitor for information leakage between requests (cross-request data bleed) on Apache Tomcat 5.5.0–5.5.29, 6.0.0–6.0.27, and 7.0.0 beta, which may indicate successful exploitation via buffer recycling interference.
  • Affected versions are Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta. Fixed in Tomcat 5.5.30 and 6.0.28.
  • Red Hat Enterprise Linux 6 ships tomcat6, which is listed as Not Affected for this CVE.

CVSS provenance

NVD: CVSS v2.0 6.4 MEDIUM (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Vendor (Red Hat): 6.4 MEDIUM