Intrusion Prevention



This indicates an attempt to exploit an information-disclosure vulnerability in Apache Tomcat.
The vulnerability is a result of the application's failure to validate user input before processing HTTP requests. As a result, a remote attacker can send a crafted request to obtain the sensitive information on the server.

Affected Products

Apache Tomcat 4.x, 5.x, 6.x


Information Disclosure.

Recommended Actions

Apply the latest update from the vendor.

CVE References

CVE-2008-5515 CVE-2008-2370