The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote malicious users to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trustix secure linux 2.0 |
||
avaya converged communications server 2.0 |
||
trustix secure linux 1.5 |
||
gentoo linux 1.4 |
||
trustix secure linux 2.1 |
||
apache http server 2.0.47 |
||
ibm http server 2.0.42.1 |
||
avaya s8300 r2.0.0 |
||
apache http server 2.0.49 |
||
ibm http server 2.0.42 |
||
ibm http server 2.0.47.1 |
||
apache http server 2.0.48 |
||
ibm http server 2.0.42.2 |
||
avaya s8700 r2.0.0 |
||
avaya s8500 r2.0.0 |
||
ibm http server 2.0.47 |