Description
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Remediation
References
Related Vulnerabilities
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10379)
WordPress Plugin Redirection for Contact Form 7 Multiple Vulnerabilities (2.3.3)
TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-59016)
WordPress Plugin Dynamic Widgets 'id' Parameter Cross-Site Scripting (1.5.1)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6289)