10
CVE-2010-0425
- EPSS 94.25%
- Veröffentlicht 05.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:08
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apache ≫ HTTP Server Version >= 2.0.37 < 2.0.64
Apache ≫ HTTP Server Version >= 2.2.0 < 2.2.15
Apache ≫ HTTP Server Version >= 2.3.0 < 2.3.7
Ibm ≫ HTTP Server Version6.0.2
Ibm ≫ HTTP Server Version6.0.2.1
Ibm ≫ HTTP Server Version6.0.2.3
Ibm ≫ HTTP Server Version6.0.2.7
Ibm ≫ HTTP Server Version6.0.2.9
Ibm ≫ HTTP Server Version6.0.2.11
Ibm ≫ HTTP Server Version6.0.2.13
Ibm ≫ HTTP Server Version6.0.2.15
Ibm ≫ HTTP Server Version6.0.2.19
Ibm ≫ HTTP Server Version6.0.2.21
Ibm ≫ HTTP Server Version6.0.2.23
Ibm ≫ HTTP Server Version6.0.2.25
Ibm ≫ HTTP Server Version6.0.2.27
Ibm ≫ HTTP Server Version6.0.2.29
Ibm ≫ HTTP Server Version6.0.2.31
Ibm ≫ HTTP Server Version6.0.2.33
Ibm ≫ HTTP Server Version6.0.2.35
Ibm ≫ HTTP Server Version6.0.2.37
Ibm ≫ HTTP Server Version6.0.2.39
Ibm ≫ HTTP Server Version6.1
Ibm ≫ HTTP Server Version6.1.0.2
Ibm ≫ HTTP Server Version6.1.0.3
Ibm ≫ HTTP Server Version6.1.0.5
Ibm ≫ HTTP Server Version6.1.0.7
Ibm ≫ HTTP Server Version6.1.0.9
Ibm ≫ HTTP Server Version6.1.0.11
Ibm ≫ HTTP Server Version6.1.0.13
Ibm ≫ HTTP Server Version6.1.0.15
Ibm ≫ HTTP Server Version6.1.0.17
Ibm ≫ HTTP Server Version6.1.0.19
Ibm ≫ HTTP Server Version6.1.0.21
Ibm ≫ HTTP Server Version6.1.0.23
Ibm ≫ HTTP Server Version6.1.0.25
Ibm ≫ HTTP Server Version6.1.0.27
Ibm ≫ HTTP Server Version6.1.0.29
Oracle ≫ HTTP Server Version10.1.3.5.0
Broadcom ≫ Vmware Ace Management Server Version < 2.7.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 94.25% | 0.998 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
http://httpd.apache.org/security/vulnerabilities_22.html
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
http://httpd.apache.org/security/vulnerabilities_20.html
https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
http://secunia.com/advisories/39628
http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
http://www.vupen.com/english/advisories/2010/0994
http://lists.vmware.com/pipermail/security-announce/2010/000105.html
http://www.vmware.com/security/advisories/VMSA-2010-0014.html
http://secunia.com/advisories/38978
http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=917870&r2=917869&pathrev=917870
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/arch/win32/mod_isapi.c?r1=917870&r2=917869&pathrev=917870
http://svn.apache.org/viewvc?view=revision&revision=917870
http://www-01.ibm.com/support/docview.wss?uid=swg1PM09447
http://www.kb.cert.org/vuls/id/280613
http://www.securityfocus.com/bid/38494
http://www.securitytracker.com/id?1023701
http://www.senseofsecurity.com.au/advisories/SOS-10-002
http://www.vupen.com/english/advisories/2010/0634
https://exchange.xforce.ibmcloud.com/vulnerabilities/56624
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8439
https://www.exploit-db.com/exploits/11650