Description

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

Remediation

References

CVE-2007-3847

Related Vulnerabilities

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'config' Parameter Local File Inclusion (3.0.3)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14164)

WordPress Plugin Preview E-mails for WooCommerce Cross-Site Scripting (1.6.8)

MySQL CVE-2013-3793 Vulnerability (CVE-2013-3793)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-10086)

Severity

Medium

Classification

CVE-2007-3847 CWE-125

Tags

Missing Update Known Vulnerabilities