Lucene search
K

10 matches found

CVE
CVE
added 2010/03/05 7:0 p.m.6044 views

CVE-2010-0425

CVE-2010-0425 affects Apache HTTP Server on Windows with ISAPI module mod_isapi (DLLs in 2.0.37–2.0.63, 2.2.0–2.2.14, and 2.3.x before 2.3.7). Root cause: mod_isapi may unload an ISAPI DLL before request processing finishes, causing memory corruption. Impact: remote code execution or denial of se...

10CVSS9.4AI score0.94248EPSS
CVE
CVE
added 2010/03/05 4:0 p.m.791 views

CVE-2010-0408

CVE-2010-0408 affects the Apache HTTP Server 2.2.x prior to 2.2.15. The ap_proxy_ajp_request function in mod_proxy_ajp.c mishandles requests when a client sends no request body, allowing remote attackers to trigger a denial of service (backend server outage) by crafting a request. The issue is re...

5CVSS8.9AI score0.20787EPSS
CVE
CVE
added 2010/07/28 7:32 p.m.776 views

CVE-2010-1452

CVE-2010-1452 affects Apache HTTP Server 2.2.x (before 2.2.16) via the mod_cache and mod_dav components. A request that lacks a path can crash the server, causing a denial of service. Debian advisories and related vendor notes confirm the issue and describe fixes/upgrades to 2.2.16 (and subsequen...

5CVSS5.2AI score0.2187EPSS
Web
CVE
CVE
added 2010/06/18 4:0 p.m.603 views

CVE-2010-2068

CVE-2010-2068 affects Apache HTTP ServerAffected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations.Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...

5CVSS4.9AI score0.16002EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.455 views

CVE-2010-0434

CVE-2010-0434 affects the Apache HTTP Server 2.2.x series (pre-2.2.15) where the ap_read_request handling in server/protocol.c for multithreaded MPMs could disclose memory contents by accessing headers of subrequests tied to an earlier request. Public sources in connected docs (e.g., Debian secur...

4.3CVSS8.8AI score0.18443EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.207 views

CVE-2010-1623

The CVE-2010-1623 issue affects the APR-util library (apr_brigade_split_line in buckets/apr_brigade.c) prior to version 1.3.10, where a memory leak can allow remote attackers to cause denial of service through memory consumption related to APR bucket destruction. Affected products commonly includ...

5CVSS6.3AI score0.20167EPSS
CVE
CVE
added 2010/02/02 4:25 p.m.144 views

CVE-2010-0010

The CVE-2010-0010 issue affects Apache HTTP Server’s mod_proxy (proxy_util.c) on 64-bit platforms. The root cause is an integer overflow in the ap_proxy_send_fb function when handling large chunk sizes, which can trigger a heap-based buffer overflow. This condition enables a remote origin server ...

6.8CVSS8.2AI score0.43421EPSS
Web
CVE
CVE
added 2010/08/05 6:0 p.m.132 views

CVE-2010-2791

The CVE-2010-2791 issue affects Apache HTTP Server 2.2.x on Unix, where mod_proxy in httpd can fail to close the backend connection after a timeout while reading from a persistent connection. This can allow a remote attacker to obtain a potentially sensitive response intended for another client u...

5CVSS6.1AI score0.08284EPSS
CVE
CVE
added 2010/02/05 10:13 p.m.70 views

CVE-2003-1580

The CVE-2003-1580 issue affects Apache HTTP Server 2.0.44 when DNS resolution is enabled for client IPs. The vulnerability arises from a logging format that does not indicate whether a dotted-quad IP address is unresolved, which can allow remote attackers to spoof IP addresses by sending crafted ...

4.3CVSS6.8AI score0.03709EPSS
CVE
CVE
added 2010/02/05 10:13 p.m.69 views

CVE-2003-1581

CVE-2003-1581 affects Apache HTTP Server 2.0.44: when DNS resolution is enabled for client IPs, remote attackers can inject arbitrary text into log files via an HTTP request paired with a crafted DNS response, demonstrated as XSS sequences (Inverse Lookup Log Corruption). The connected sources co...

2.6CVSS6.2AI score0.0308EPSS