Description
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.
Remediation
References
Related Vulnerabilities
b2evolution Credentials Management Errors Vulnerability (CVE-2016-9479)
WordPress Plugin InBoundio Marketing Arbitrary File Upload (2.0.3)
WordPress Plugin Blog social sharing component Cross-Site Request Forgery (1.4.5)
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2015-1399)