Apache » Http Server » 2.0.38 : Security Vulnerabilities, CVEs, Published In 2012

cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
Max CVSS
4.3
EPSS Score
73.96%
Published
2012-01-28
Updated
2022-09-14

CVE-2012-0031

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
Max CVSS
4.6
EPSS Score
0.04%
Published
2012-01-18
Updated
2022-09-14
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close