Description

The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.

Remediation

References

CVE-2007-1862

Related Vulnerabilities

WordPress Plugin AJAX Comment Page Cross-Site Scripting (3.25)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7890)

WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1)

WordPress Plugin Simple File List Arbitrary File Upload (4.2.2)

OpenSSL Cryptographic Issues Vulnerability (CVE-2013-0166)

Severity

Medium

Classification

CVE-2007-1862

Tags

Missing Update Known Vulnerabilities