Intrusion Prevention

HTTP.Chunked-Body.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Denial of Service vulnerability in Apache Tomcat.
The vulnerability is due to an error when vulnerable software handles a crafted HTTP chunked Transfer coding. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.

Affected Products

Apache Tomcat 8.0.0-RC1 to 8.0.3
Apache Tomcat 7.0.0 to 7.0.52
Apache Tomcat 6.0.0 to 6.0.39

Impact

Denial of Service: Remote attackers can crash vulnerable systems or services

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://tomcat.apache.org/download-80.cgi
http://tomcat.apache.org/download-70.cgi
http://tomcat.apache.org/download-60.cgi

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2025-01-15	29.937	Modified	Sig Added
2024-07-22	28.830	Modified	Name:HTTP. Chunked-Body. Overflow:HTTP. Chunked-Body. Buffer. Overflow
2019-06-26	14.639	Modified	Sig Added

ID	38655
Created	May 08, 2015
Updated	Jul 23, 2025
CVE ID
Risk
Known Exploited	Yes
Exploit Prediction Score	93.04%
Default Action	drop
Active
Affected OS	Windows, Linux
Affected App	Apache, Other
Profile Type	Numeric Errors

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

HTTP.Chunked-Body.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

HTTP.Chunked-Body.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center