Apache » Http Server : Security Vulnerabilities, CVEs, Published In 2010 (Overflow) CVSS score >= 4
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
Max CVSS
5.0
EPSS Score
42.53%
Published
2010-10-04
Updated
2023-10-03
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
96.20%
Published
2010-02-02
Updated
2021-06-06
2 vulnerabilities found