1 results (0.003 seconds)
CVSS: 7.5EPSS: 0%CPEs: 128EXPL: 1
CVSS: 7.5EPSS: 0%CPEs: 128EXPL: 1CVE-2008-5519 – mod_jk: session information leak
https://notcve.org/view.php?id=CVE-2008-5519
09 Apr 2009 — The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers. El conector JK (tambien conocido como mod_jk) v1.2.0 hasta la v... • http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •