httpd: Out-of-bounds read in ap_strcmp_match()

An out-of-bounds read vulnerability was found in httpd. A very large input to the apstrcmpmatch function can lead to an integer overflow and result in an out-of-bounds read...

The vulnerability of the ap_strcmp_match() function in the Apache HTTP Server allows a hacker to cause a service failure or gain unauthorized access to protected information.

The vulnerability of the apstrcmpmatch function in the Apache HTTP Server is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to cause service failures or gain unauthorized access to protected information by sending a specially crafted HTTP request...