Hi,
short question, I read in the http://tomcat.apache.org/security-6.html
that a possible DoS attack vulnerability has been fixed in Request
class.
Does that mean that CVE-2010-4476 is
a) not an issue with 6.0.32++
b) not an issue unless the app uses Double.parseDouble
c) probably not in issue in tomcat, at least until someone finds out it is.
regards
Leon
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|