CVE-2016-2168

2016-05-05T18:59:00
ID CVE-2016-2168
Type cve
Reporter cve@mitre.org
Modified 2020-10-20T22:15:00

Description

The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>