0.011 Low
EPSS
Percentile
84.7%
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
launchpad.net/bugs/cve/CVE-2009-1903
nvd.nist.gov/vuln/detail/CVE-2009-1903
security-tracker.debian.org/tracker/CVE-2009-1903
www.cve.org/CVERecord?id=CVE-2009-1903