Lucene search
Apache Team FoundationHTTPD:025EA7A9879A8F8BCB6450515810A8DEHistoryJul 27, 2009 - 12:00 a.m.
Apache Httpd < 2.0.64 : APR apr_palloc heap overflow
2009-07-2700:00:00
Apache Team Foundation
httpd.apache.org
11
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.11 Low
EPSS
Percentile
95.1%
A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.
Related
nessus
nessus
Apache 2.2.x < 2.2.13 APR apr_palloc Heap Overflow
2012-01-19 00:00:00
openSUSE Security Update : libapr-util1 (libapr-util1-1375)
2009-10-23 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200909-03 (apr apr-util)
2009-09-15 00:00:00
Ubuntu: Security Advisory (USN-813-1)
2009-08-17 00:00:00
Mandrake Security Advisory MDVSA-2009:195-1 (apr)
2009-08-17 00:00:00
seebug
seebug
Apache APRεAPR-utilζ΄ζ°ζΊ’εΊζΌζ΄
2009-08-06 00:00:00
httpd
httpd
Apache Httpd < 2.2.13 : APR apr_palloc heap overflow
2009-07-27 00:00:00
gentoo
gentoo
Apache Portable Runtime, APR Utility Library: Execution of arbitrary code
2009-09-09 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: apr-1.3.8-1.fc10
2009-08-07 05:08:24
[SECURITY] Fedora 11 Update: apr-1.3.8-1.fc11
2009-08-07 05:01:20
[SECURITY] Fedora 11 Update: apr-util-1.3.9-1.fc11
2009-08-07 05:05:13
redhat
redhat
(RHSA-2009:1204) Moderate: apr and apr-util security update
2009-08-10 00:00:00
(RHSA-2009:1205) Moderate: httpd security and bug fix update
2009-08-10 00:00:00
centos
centos
apr security update
2009-08-11 21:20:30
httpd, mod_ssl security update
2009-08-10 21:35:07
altlinux
altlinux
Security fix for the ALT Linux 7 package apr1 version 1.3.8-alt1.1
2009-11-13 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.14-alt1
2009-10-06 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.14-alt1
2009-10-06 00:00:00
cve
cve
CVE-2009-2412
2009-08-06 15:30:00
CVE-2009-2411
2009-08-07 19:30:00
ubuntu
ubuntu
apr vulnerability
2009-08-08 00:00:00
Apache vulnerability
2009-08-08 00:00:00
apr-util vulnerability
2009-08-08 00:00:00
oraclelinux
oraclelinux
apr and apr-util security update
2009-08-10 00:00:00
httpd security and bug fix update
2009-08-10 00:00:00
debiancve
debiancve
CVE-2009-2412
2009-08-06 15:30:00
CVE-2009-2411
2009-08-07 19:30:00
ubuntucve
ubuntucve
CVE-2009-2412
2009-08-06 00:00:00
CVE-2009-2411
2009-08-07 00:00:00
osv
osv
apr apr-util - arbitrary code execution
2009-08-08 00:00:00
f5
f5
SOL13277 - Apache vulnerability CVE-2009-2412
2011-12-28 00:00:00
K13277 : Apache vulnerability CVE-2009-2412
2013-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1854-1] New APR packages fix arbitrary code execution
2009-08-08 18:55:20
prion
prion
Integer overflow
2009-08-06 15:30:00
Integer overflow
2009-08-07 19:30:00
securityvulns
securityvulns
Subversion / APR multiple buffer overflows
2009-08-08 00:00:00
Subversion heap overflow
2009-08-08 00:00:00
suse
suse
potential code execution in apache2,libapr1
2009-10-26 13:21:56
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.11 Low
EPSS
Percentile
95.1%
Related for HTTPD:025EA7A9879A8F8BCB6450515810A8DE