Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 02/02/2010 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server prior to 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache http server 1.3.38
apache http server 1.3.23
apache http server 1.3.27
apache http server 1.3.10
apache http server 1.0.5
apache http server 0.8.11
apache http server 1.3.33
apache http server 1.3.36
apache http server 1.3.1
apache http server 1.3.25
apache http server 1.3.28
apache http server 1.3.19
apache http server 1.3.40
apache http server 1.3.31
apache http server 1.3.24
apache http server 1.3.20
apache http server 1.3.35
apache http server 1.1
apache http server 1.3.2
apache http server 1.3.34
apache http server 1.3.4
apache http server 1.2.5
apache http server 1.3.13
apache http server 1.0
apache http server 1.2.4
apache http server 1.3.39
apache http server 1.3.30
apache http server 1.3.18
apache http server 1.0.3
apache http server 1.3.0
apache http server 1.3
apache http server 1.3.12
apache http server 1.3.3
apache http server 1.3.17
apache http server 0.8.14
apache http server 1.3.26
apache http server
apache http server 1.3.32
apache http server 1.3.15
apache http server 1.3.14
apache http server 1.3.29
apache http server 1.3.22
apache http server 1.3.37
apache http server 1.3.11
apache http server 1.2.6
apache http server 1.2

CWE-189 http://site.pi3.com.pl/adv/mod_proxy.txt http://blog.pi3.com.pl/?p=69 http://httpd.apache.org/dev/dist/CHANGES_1.3.42 http://secunia.com/advisories/38319 http://www.vupen.com/english/advisories/2010/0240 http://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html http://www.securityfocus.com/bid/37966 http://www.securitytracker.com/id?1023533 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html http://secunia.com/advisories/39656 http://www.vupen.com/english/advisories/2010/1001 http://marc.info/?l=bugtraq&m=130497311408250&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/55941 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7923 http://www.securityfocus.com/archive/1/509185/100/0/threaded https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-0010

Vulnerability Summary

References

Vulmon Search

About

Products

Connect