4.3
CVSSv2

CVE-2012-3502

Published: 22/08/2012 Updated: 21/11/2024

Vulnerability Summary

The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x prior to 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote malicious users to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.4.0

apache http server 2.4.1

apache http server 2.4.2