Description

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

Remediation

References

CVE-2007-3847

Related Vulnerabilities

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.23)

WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Request Forgery (2.4.0)

ownCloud CVE-2017-9340 Vulnerability (CVE-2017-9340)

WordPress Plugin CM Download Manager Cross-Site Scripting (2.7.0)

WordPress Plugin AMP for WP-Accelerated Mobile Pages Security Bypass (0.9.97.19)

Severity

Medium

Classification

CVE-2007-3847 CWE-125

Tags

Missing Update Known Vulnerabilities