Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2014-0118)

Description

The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.

Remediation

References

Related Vulnerabilities

Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613)

PleskWin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-0132)

WordPress Plugin Pay Per Media Player Multiple Cross-Site Scripting Vulnerabilities (1.24)

Drupal Other Vulnerability (CVE-2006-2742)

Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789)

Severity

Medium

Classification

CVE-2014-0118 CWE-400

Tags

Missing Update Known Vulnerabilities