JK惊现严重的安全漏洞
critical: Arbitary code execution and denial of service CVE-2007-0774
An unsafe memory copy in the URI handler for the native JK connector could result in a stackoverflow condition which could be leveraged to execute arbitary code or crash the web server.
Affects: JK 1.2.19-1.2.20
Source shipped with: Tomcat 4.1.34, 5.5.20
要解决该问题请使用最新版本 1.2.21,下载地址:
http://www.dlog.cn/html/diary/showlog.vm?sid=2&log_id=6456