Description
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
Remediation
References
Related Vulnerabilities
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5495)
WordPress Plugin Asset Manager 'upload.php' Arbitrary File Upload (0.3)
WordPress Plugin ChenPress Arbitrary File Upload (3.0)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700)
Dolibarr Improper Input Validation Vulnerability (CVE-2022-0174)