Apache » Http Server : Security Vulnerabilities, CVEs, Published In 2003 (Code Execution)
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Max CVSS
7.2
EPSS Score
0.10%
Published
2003-11-03
Updated
2021-06-06
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
Max CVSS
5.0
EPSS Score
96.63%
Published
2003-06-09
Updated
2021-06-06
Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.
Max CVSS
7.5
EPSS Score
5.86%
Published
2003-02-07
Updated
2021-06-06
3 vulnerabilities found