| ID |
CVE-2007-6423
|
| Summary |
Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
-
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 7.8 (as of 11-04-2024 - 00:43) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-399 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| refmap
via4
|
| bid | 27236 | | bugtraq | 20080110 SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability | | sreason | 3523 |
|
| statements
via4
|
| contributor | Mark J Cox | | lastmodified | 2008-01-24 | | organization | Red Hat | | statement | mod_proxy_balancer is included in the version of Apache HTTP Server as shipped in Red Hat Enterprise Linux 5 and Red Hat Application Stack v2. Red Hat was unable to reproduce this issue. |
|
| Last major update |
11-04-2024 - 00:43 |
| Published |
12-01-2008 - 00:46 |
| Last modified |
11-04-2024 - 00:43 |
