Description
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Remediation
References
Related Vulnerabilities
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
WordPress Plugin Tigris for Salesforce PHP Object Injection (1.1.3)
WordPress Plugin JupiterX Core Multiple Vulnerabilities (2.0.6)
WordPress Plugin CM Download Manager Code Injection (2.0.3)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2011-4317)