Description

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

Remediation

References

CVE-2017-7679

Related Vulnerabilities

WordPress Plugin Advance Menu Manager Security Bypass (3.0)

WordPress Plugin WP Selected Text Sharer Multiple Vulnerabilities (1.0)

MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2311)

Oracle JRE CVE-2022-21360 Vulnerability (CVE-2022-21360)

WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (7.9)

Severity

Critical

Classification

CVE-2017-7679 CWE-119 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities