6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.962 High
EPSS
Percentile
99.5%
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote
attackers to cause a denial of service (memory exhaustion), and possibly an
integer signedness error leading to a heap-based buffer overflow on 64 bit
systems, via long header lines with large numbers of space or tab
characters.