Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code by way of a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Information about this advisory is available at the following location:
Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492>