DEBIAN-CVE-2007-0774

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2007-0774

Published: 04 Mar 2007, 22:19

Last modified:28 Apr 2026, 20:09

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

04 Mar 2007, 22:19

Published

Vulnerability first disclosed

28 Apr 2026, 20:09

Last Modified

Vulnerability information updated

Description

Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.

Affected Systems

debian•libapache-mod-jk
< 1:1.2.21-1 | < 1:1.2.21-1 | < 1:1.2.21-1 | < 1:1.2.21-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2007-0774