Vulnerability in N/a
CVE-2004-0493
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via…
EPSS: 0.905 (99.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 2004-0039 (vendor-advisory, x_refsource_TRUSTIX)
- 20040629 TSSA-2004-012 - apache (mailing-list, x_refsource_BUGTRAQ)
- 10619 (vdb-entry, x_refsource_BID)
- RHSA-2004:342 (x_refsource_REDHAT, vendor-advisory)
- 20040628 DoS in apache httpd 2.0.49, yet still apache much better than windows (mailing-list, x_refsource_FULLDISC)
- oval:org.mitre.oval:def:10605 (signature, x_refsource_OVAL, vdb-entry)
- apache-apgetmimeheaderscore-dos(16524) (vdb-entry, x_refsource_XF)
- MDKSA-2004:064 (vendor-advisory, x_refsource_MANDRAKE)
- SSRT4777 (x_refsource_HP, vendor-advisory)
- GLSA-200407-03 (vendor-advisory, x_refsource_GENTOO)