This alert was generated using only banner information. It may be a false positive.
By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory and are called when published ISAPI functions are referenced. This results in a dangling pointer vulnerability.
Affected Apache versions (up to 2.2.14 on Windows platform).
- Upgrade Apache to the latest version.
- WordPress Plugin Ninja Forms-The Easy and Powerful Forms Builder Cross-Site Scripting (2.9.31)
- WordPress Plugin WP-Members Membership Cross-Site Scripting (22.214.171.124)
- Joomla! Core 2.5.x Clickjacking Vulnerability (2.5.0 - 2.5.7)
- WordPress Plugin Qiniu Cloudtuchuang Cross-Site Scripting (1.8)
- WordPress 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)