The utility ‘apachectl’ can receive a zero-length directory name in the LD_LIBRARY_PATH via the ‘envvars’ file. A local attacker with access to that utility could exploit this to load a malicious Dynamic Shared Object (DSO), leading to arbitrary code execution. (CVE-2012-0883)
An input validation error exists related to ‘mod_negotiation’, ‘Multiviews’ and untrusted uploads that can allow cross-site scripting attacks. (CVE-2012-2687)

Binary data 6576.prm

VendorProductVersionCPE
apachehttp_server2.2cpe:/a:apache:http_server:2.2

Vendor	Product	Version	CPE
apache	http_server	2.2	cpe:/a:apache:http_server:2.2

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687

httpd.apache.org/security/vulnerabilities_22.html

archive.apache.org/dist/httpd/CHANGES_2.2.23

securityvulns 8

openvas 29

nessus 37

fedora 1

freebsd 2

altlinux 3

f5 4

cve 2

prion 2

ubuntucve 2

seebug 4

httpd 4

debiancve 2

threatpost 1

ubuntu 1

redhat 5

oraclelinux 2

centos 2

veracode 5

gentoo 1

oracle 1

securityvulns

Apache security vulnerabilities

2012-10-01 00:00:00

[ MDVSA-2012:154 ] apache

2012-10-01 00:00:00

APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004

2013-10-03 00:00:00

openvas

Mandriva Update for apache MDVSA-2012:154-1 (apache)

2012-10-03 00:00:00

Mandriva Update for apache MDVSA-2012:154-1 (apache)

2012-10-03 00:00:00

SUSE: Security Advisory (SUSE-SU-2013:0387-1)

2021-06-09 00:00:00

nessus

Oracle Solaris Third-Party Patch Update : apache (multiple_vulnerabilities_in_apache_http2)

2015-01-19 00:00:00

Mandriva Linux Security Advisory : apache (MDVSA-2012:154-1)

2012-10-02 00:00:00

Apache 2.2.x < 2.2.23 Multiple Vulnerabilities

2012-09-14 00:00:00

fedora

[SECURITY] Fedora 17 Update: httpd-2.2.23-1.fc17

2013-02-12 04:59:23

freebsd

apache22 -- several vulnerabilities

2012-09-13 00:00:00

Apache -- Insecure LD_LIBRARY_PATH handling

2012-03-02 00:00:00

altlinux

Security fix for the ALT Linux 10 package apache2 version 2.2.24-alt1

2013-04-14 00:00:00

Security fix for the ALT Linux 9 package apache2 version 2.2.24-alt1

2013-04-14 00:00:00

Security fix for the ALT Linux 8 package apache2 version 2.2.24-alt1

2013-04-14 00:00:00

SOL15901 - Apache HTTP server vulnerability CVE-2012-2687

2014-12-10 00:00:00

K15901 : Apache HTTP server vulnerability CVE-2012-2687

2015-06-08 00:00:00

SOL15899 - Multiple Apache vulnerabilities CVE-2012-4558, CVE-2012-0883, CVE-2011-3348, and CVE-2010-1452

2014-12-08 00:00:00

cve

CVE-2012-2687

2012-08-22 19:55:00

CVE-2012-0883

2012-04-18 10:33:00

prion

Directory traversal

2012-04-18 10:33:00

Cross site scripting

2012-08-22 19:55:00

ubuntucve

CVE-2012-0883

2012-04-18 00:00:00

CVE-2012-2687

2012-08-22 00:00:00

seebug

Apache HTTP Server envvars本地权限提升漏洞

2012-09-18 00:00:00

Apache HTTP Server 'LD_LIBRARY_PATH'不安全库加载任意代码执行漏洞

2012-10-11 00:00:00

Apache HTTP Server 'LD_LIBRARY_PATH'不安全库装载任意代码执行漏洞

2012-04-20 00:00:00

httpd

Apache Httpd < 2.4.2 : insecure LD_LIBRARY_PATH handling

2012-02-14 00:00:00

Apache Httpd < 2.2.23 : insecure LD_LIBRARY_PATH handling

2012-02-14 00:00:00

Apache Httpd < 2.4.3 : XSS in mod_negotiation when untrusted uploads are supported

2012-05-31 00:00:00

debiancve

CVE-2012-2687

2012-08-22 19:55:00

CVE-2012-0883

2012-04-18 10:33:00

threatpost

Apache Fixes Two Security Flaws in Version 2.4.3

2012-08-21 17:45:56

ubuntu

Apache HTTP Server vulnerabilities

2012-11-08 00:00:00

redhat

(RHSA-2013:0512) Low: httpd security, bug fix, and enhancement update

2013-02-21 00:00:00

(RHSA-2013:0130) Low: httpd security, bug fix, and enhancement update

2013-01-08 00:00:00

(RHSA-2012:1594) Important: JBoss Enterprise Application Platform 6.0.1 update

2012-12-18 00:00:00

oraclelinux

httpd security, bug fix, and enhancement update

2013-01-11 00:00:00

httpd security, bug fix, and enhancement update

2013-02-22 00:00:00

centos

httpd, mod_ssl security update

2013-02-27 19:35:19

httpd, mod_ssl security update

2013-01-09 20:52:40

veracode

Arbitrary File Upload

2019-05-02 04:45:35

Information Disclosure

2019-05-02 04:42:36

Access Restriction Bypass

2019-05-02 04:43:22

gentoo

Apache HTTP Server: Multiple vulnerabilities

2012-06-24 00:00:00

oracle

Oracle Critical Patch Update - July 2013

2013-07-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for 6576.PRM