WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server CVE-2014-0098 Vulnerability (CVE-2014-0098)

Description

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

Remediation

References

Related Vulnerabilities

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-7128)

WordPress Plugin StatPressCN 'wp-admin/admin.php' Multiple Cross-Site Scripting Vulnerabilities (1.9.0)

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0272)

WordPress Plugin Lazy SEO Arbitrary File Upload (1.3.2)

WordPress 4.0.x Cross-Site Request Forgery (4.0 - 4.0.25)

Severity

Medium

Classification

Tags

Missing Update Known Vulnerabilities