Description
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Remediation
References
Related Vulnerabilities
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2009-3094)
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)
WordPress Plugin Favicon by RealFaviconGenerator Unspecified Vulnerability (1.2.13)
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-34750)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)