Description

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

Remediation

References

CVE-2007-3847

Related Vulnerabilities

WordPress Plugin 3DPrint Lite Arbitrary File Upload (1.9.1.4)

WordPress Plugin Student Result or Employee Database Security Bypass (1.6.3)

Oracle JRE CVE-2018-2588 Vulnerability (CVE-2018-2588)

Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.11)

WordPress Plugin WP Subtitle Unspecified Vulnerability (2.5)

Severity

Medium

Classification

CVE-2007-3847 CWE-125

Tags

Missing Update Known Vulnerabilities