Description
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin Order XML File Export Import for WooCommerce Cross-Site Request Forgery (1.3.0)
Oracle Database Server CVE-2007-5530 Vulnerability (CVE-2007-5530)
MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-40596)
WordPress Plugin Import Export WordPress Users CSV Injection (1.3.1)