Description

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

Remediation

References

CVE-2013-1862

Related Vulnerabilities

WordPress Plugin Shoppable Images Multiple Vulnerabilities (1.0.0)

WordPress Plugin More from Google Cross-Site Scripting (0.0.2)

WordPress Plugin WP Prayer Cross-Site Scripting (1.6.1)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-2040)

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35159)

Severity

Medium

Classification

CVE-2013-1862

Tags

Missing Update Known Vulnerabilities