CVE-2011-3375: Infoleak

First published: Thu Jan 19 2012(Updated: )

Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.

Credit: secalert@redhat.com secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/type
• agent/first-publish-date
• collector/github-advisory-latest
• source/GitHub
• alias/GHSA-rp8h-vr48-4j8p
• alias/CVE-2011-3375
• agent/software-canonical-lookup
• agent/references
• agent/weakness
• agent/severity
• agent/last-modified-date
• agent/description
• agent/author
• agent/softwarecombine
• agent/event
• collector/nvd-cve
• source/NVD
• collector/github-advisory
• agent/tags
• collector/mitre-cve
• source/MITRE
• vendor/apache
• canonical/apache tomcat
• version/apache tomcat/6.0.33
• version/apache tomcat/6.0.31
• version/apache tomcat/6.0.32
• version/apache tomcat/6.0.30
• version/apache tomcat/7.0.12
• version/apache tomcat/7.0.20
• version/apache tomcat/7.0.8
• version/apache tomcat/7.0.1
• version/apache tomcat/7.0.2
• version/apache tomcat/7.0.5
• version/apache tomcat/7.0.0
• version/apache tomcat/7.0.6
• version/apache tomcat/7.0.18
• version/apache tomcat/7.0.14
• version/apache tomcat/7.0.11
• version/apache tomcat/7.0.7
• version/apache tomcat/7.0.13
• version/apache tomcat/7.0.15
• version/apache tomcat/7.0.19
• version/apache tomcat/7.0.16
• version/apache tomcat/7.0.10
• version/apache tomcat/7.0.21
• version/apache tomcat/7.0.17
• version/apache tomcat/7.0.9
• version/apache tomcat/7.0.4
• version/apache tomcat/7.0.3
• package-manager/maven