- EPSS 21.87%
- Veröffentlicht 28.07.2010 20:00:01
- Zuletzt bearbeitet 16.06.2026 23:18:25
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
- EPSS 16%
- Veröffentlicht 18.06.2010 16:30:01
- Zuletzt bearbeitet 16.06.2026 23:19:55
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows rem...
- EPSS 94.25%
- Veröffentlicht 05.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:08
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an...
CVE-2010-0434
- EPSS 18.44%
- Veröffentlicht 05.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:10
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh...
- EPSS 20.79%
- Veröffentlicht 05.03.2010 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:06
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial o...
CVE-2003-1580
- EPSS 3.71%
- Veröffentlicht 05.02.2010 22:30:02
- Zuletzt bearbeitet 16.06.2026 22:04:41
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via cra...
CVE-2003-1581
- EPSS 3.08%
- Veröffentlicht 05.02.2010 22:30:02
- Zuletzt bearbeitet 16.06.2026 22:04:41
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS se...
CVE-2010-0010
- EPSS 43.42%
- Veröffentlicht 02.02.2010 16:30:02
- Zuletzt bearbeitet 16.06.2026 23:15:13
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary co...
- EPSS 24.31%
- Veröffentlicht 04.12.2009 21:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:51
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that ...
CVE-2009-3555
- EPSS 87.26%
- Veröffentlicht 09.11.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:50
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu...