Oracle Corporation Information for VU#944335

Apache web servers fail to handle chunks with a negative size

Status

Affected

Vendor Statement

Oracle has issued Oracle Security Alert #36 in response to the chunked encoding Apache HTTP Server security vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Oracle Security Alert #36 is expected to be available at: