Apache 2.0.43 Win32 file reading vulnerability

Description

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as >, which causes a different filename to be processed and served.

Affected Apache versions (up to 2.0.43).

Remediation

Upgrade Apache 2.x to the latest version.

References
Severity
Classification