A vulnerability in the Apache HTTP Server could allow an unauthenticated, remote malicious user to access sensitive information on a targeted system. The vulnerability exists because the affected software improperly accesses previously freed memory when determining a request method. An attacker could exploit this vulnerability by sending requests that submit malicious input to the affected software. A successful exploit could allow the malicious user to access sensitive information, which could be used to launch additional attacks. Apache has confirmed the vulnerability and released software updates.