ID:1620 - Exploit for Arbitrary code execution in Apache Tomcat JK ISAPI Connector - CVE-2007-0774

 

Published: March 18, 2020


Vulnerability identifier: #VU799
Vulnerability risk: High
CVE-ID: CVE-2007-0774
CWE-ID: CWE-121
Exploitation vector: Remote access
Vulnerable software:
Apache Tomcat JK ISAPI Connector

Link to public exploit:


Vulnerability description

The vulnerability allows a remote unauthenticated user to cause arbitrary code execution or DoS conditions on the target system.
The weakness is a stack-based buffer overflow caused by an unsafe memory copy in the URI handler of the native JK connector; it allows attackers to execute arbitrary code or crash the web server.
Successful exploitation of the vulnerability may result in arbitrary code execution or

Remediation

Update to version 1.2.21.