Lucene search
F5F5:K13277HistorySep 04, 2013 - 12:00 a.m.
K13277 : Apache vulnerability CVE-2009-2412
2013-09-0400:00:00
my.f5.com
23
7.8 High
AI Score
Confidence
Low
Security Advisory Description
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by way of vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows.
Impact
Denial of service for the ARX management API.
Related
nessus
nessus
Apache 2.2.x < 2.2.13 APR apr_palloc Heap Overflow
2012-01-19 00:00:00
SuSE 10 Security Update : libapr (ZYPP Patch Number 6546)
2009-10-23 00:00:00
openvas
openvas
Ubuntu USN-813-2 (apache2)
2009-08-17 00:00:00
RedHat Security Advisory RHSA-2009:1204
2009-08-17 00:00:00
Mandrake Security Advisory MDVSA-2009:195-1 (apr)
2009-08-17 00:00:00
gentoo
gentoo
Apache Portable Runtime, APR Utility Library: Execution of arbitrary code
2009-09-09 00:00:00
httpd
httpd
Apache Httpd < 2.2.13 : APR apr_palloc heap overflow
2009-07-27 00:00:00
Apache Httpd < 2.0.64 : APR apr_palloc heap overflow
2009-07-27 00:00:00
seebug
seebug
Apache APRεAPR-utilζ΄ζ°ζΊ’εΊζΌζ΄
2009-08-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package apr1 version 1.3.8-alt1.1
2009-11-13 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.14-alt1
2009-10-06 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.14-alt1
2009-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: apr-1.3.8-1.fc11
2009-08-07 05:01:20
[SECURITY] Fedora 10 Update: apr-1.3.8-1.fc10
2009-08-07 05:08:24
[SECURITY] Fedora 11 Update: apr-util-1.3.9-1.fc11
2009-08-07 05:05:13
cve
cve
CVE-2009-2412
2009-08-06 15:30:00
CVE-2009-2411
2009-08-07 19:30:00
ubuntu
ubuntu
apr vulnerability
2009-08-08 00:00:00
Apache vulnerability
2009-08-08 00:00:00
apr-util vulnerability
2009-08-08 00:00:00
prion
prion
Integer overflow
2009-08-06 15:30:00
Integer overflow
2009-08-07 19:30:00
oraclelinux
oraclelinux
apr and apr-util security update
2009-08-10 00:00:00
httpd security and bug fix update
2009-08-10 00:00:00
osv
osv
apr apr-util - arbitrary code execution
2009-08-08 00:00:00
ubuntucve
ubuntucve
CVE-2009-2412
2009-08-06 00:00:00
CVE-2009-2411
2009-08-07 00:00:00
debiancve
debiancve
CVE-2009-2412
2009-08-06 15:30:00
CVE-2009-2411
2009-08-07 19:30:00
f5
f5
SOL13277 - Apache vulnerability CVE-2009-2412
2011-12-28 00:00:00
debian
debian
[SECURITY] [DSA 1854-1] New APR packages fix arbitrary code execution
2009-08-08 18:55:09
centos
centos
apr security update
2009-08-11 21:20:30
httpd, mod_ssl security update
2009-08-10 21:35:07
redhat
redhat
(RHSA-2009:1204) Moderate: apr and apr-util security update
2009-08-10 00:00:00
(RHSA-2009:1205) Moderate: httpd security and bug fix update
2009-08-10 00:00:00
securityvulns
securityvulns
Subversion / APR multiple buffer overflows
2009-08-08 00:00:00
Subversion heap overflow
2009-08-08 00:00:00
suse
suse
potential code execution in apache2,libapr1
2009-10-26 13:21:56