Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server prior to 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
apache http server 0.8.11 |
||
apache http server 0.8.14 |
||
apache http server 1.0 |
||
apache http server 1.0.3 |
||
apache http server 1.0.5 |
||
apache http server 1.1 |
||
apache http server 1.2 |
||
apache http server 1.2.4 |
||
apache http server 1.2.5 |
||
apache http server 1.2.6 |
||
apache http server 1.3 |
||
apache http server 1.3.0 |
||
apache http server 1.3.1 |
||
apache http server 1.3.2 |
||
apache http server 1.3.3 |
||
apache http server 1.3.4 |
||
apache http server 1.3.10 |
||
apache http server 1.3.11 |
||
apache http server 1.3.12 |
||
apache http server 1.3.13 |
||
apache http server 1.3.14 |
||
apache http server 1.3.15 |
||
apache http server 1.3.17 |
||
apache http server 1.3.18 |
||
apache http server 1.3.19 |
||
apache http server 1.3.20 |
||
apache http server 1.3.22 |
||
apache http server 1.3.23 |
||
apache http server 1.3.24 |
||
apache http server 1.3.25 |
||
apache http server 1.3.26 |
||
apache http server 1.3.27 |
||
apache http server 1.3.28 |
||
apache http server 1.3.29 |
||
apache http server 1.3.30 |
||
apache http server 1.3.31 |
||
apache http server 1.3.32 |
||
apache http server 1.3.33 |
||
apache http server 1.3.34 |
||
apache http server 1.3.35 |
||
apache http server 1.3.36 |
||
apache http server 1.3.37 |
||
apache http server 1.3.38 |
||
apache http server 1.3.39 |
||
apache http server 1.3.40 |