Apache Tomcat CVE-2014-0099 Numeric Errors Vulnerability
Description
The code used to parse the request content length header did not check for overflow in the result. This exposed a request smuggling vulnerability when Tomcat was located behind a reverse proxy that correctly processed the content length header.
Affected Applications
Apache Tomcat