The PDF XSS protection feature in ModSecurity prior to 2.5.8 allows remote malicious users to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trustwave modsecurity |
||
fedoraproject fedora 9 |
||
fedoraproject fedora 10 |