SynopsisThe remote web server is affected by security bypass vulnerability.
DescriptionVersions of Tomcat 7.0.x earlier than 7.0.12 are potentially affected by multiple vulnerabilities :
- An information disclosure exists in the HTTP BIO connector. (CVE-2011-1475)
- A security bypass vulnerability exists due to a regression in the fix for CVE-2011-1088. Note that this issue only affects Tomcat 7.0.11.(CVE-2011-1183)
SolutionUpgrade to Apache Tomcat 7.0.12 or later.