Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP CVE-2013-1896 Vulnerability (CVE-2013-1896)

Description

mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.

Remediation

References

Related Vulnerabilities

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179)

WordPress Plugin Download Manager PHAR Deserialization (3.2.49)

WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.8)

SharePoint Resource Management Errors Vulnerability (CVE-2015-0064)

WordPress Plugin Redux Framework Cross-Site Scripting (4.4.17)

Severity

Medium

Classification

CVE-2013-1896

Tags

Missing Update Known Vulnerabilities