Описание
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.4.7-1ubuntu3 |
| lucid | released | 2.2.14-5ubuntu8.13 |
| precise | released | 2.2.22-1ubuntu1.5 |
| quantal | released | 2.2.22-6ubuntu2.4 |
| saucy | released | 2.4.6-2ubuntu2.2 |
| upstream | released | 2.4.8 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
The dav_xml_get_cdata function in main/util.c in the mod_dav module in ...
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
EPSS
5 Medium
CVSS2