Description

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.

Remediation

References

CVE-2009-1956

Related Vulnerabilities

MySQL NULL Pointer Dereference Vulnerability (CVE-2020-1967)

TYPO3 Other Vulnerability (CVE-2006-5069)

MySQL Improper Input Validation Vulnerability (CVE-2017-3256)

MediaWiki Improper Access Control Vulnerability (CVE-2015-8008)

LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604)

Severity

Medium

Classification

CVE-2009-1956

Tags

Missing Update Known Vulnerabilities