Description
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2006-0260 Vulnerability (CVE-2006-0260)
Serendipity Other Vulnerability (CVE-2005-1134)
WordPress Plugin Indexisto WordPress Site Search Cross-Site Scripting (1.0.5)
Python Out-of-bounds Write Vulnerability (CVE-2019-12900)
WordPress Plugin Zoho Marketing Automation SQL Injection (1.2.7)