Http Server@12.1.3.0 Security Vulnerabilities and Issues — Http Server@12.1.3.0 CVE List

Lucene search

OracleHttp Server12.1.3.0

8 matches found

CVE•added 2014/07/20 11:12 a.m.•2034 views

CVE-2014-0226

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard h...

6.8CVSS7AI score0.91096EPSS

CVE•added 2014/03/18 5:18 a.m.•1883 views

CVE-2014-0098

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

5CVSS8AI score0.49465EPSS

CVE•added 2014/03/18 5:18 a.m.•1701 views

CVE-2013-6438

The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.

5CVSS8AI score0.36218EPSS

CVE•added 2013/06/10 5:55 p.m.•1098 views

CVE-2013-1862

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

5.1CVSS6.9AI score0.38401EPSS

CVE•added 2014/04/15 10:55 a.m.•828 views

CVE-2013-5704

The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."

5CVSS5.7AI score0.8475EPSS

CVE•added 2019/06/24 5:15 p.m.•462 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.05817EPSS

CVE•added 2020/12/16 4:15 p.m.•54 views

CVE-2020-5360

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.

7.5CVSS8AI score0.01804EPSS

CVE•added 2016/07/21 10:12 a.m.•41 views

CVE-2016-3482

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 and 12.1.3.0 allows remote attackers to affect confidentiality via vectors related to SSL/TLS Module.

5CVSS4.4AI score0.00366EPSS