WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Other Vulnerability (CVE-2004-0492)

Description

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Remediation

References

Related Vulnerabilities

Squid Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-18678)

OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2015-3196)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1649)

Oracle Application Server CVE-2010-0070 Vulnerability (CVE-2010-0070)

Oracle JRE CVE-2013-2422 Vulnerability (CVE-2013-2422)

Severity

Critical

Classification

Tags

Missing Update Known Vulnerabilities