CVE-2007-6258

Currently unrated

Key Information:

Vendor: Apache
Status: Mod Jk
Vendor: CVE Published:; 19 February 2008

Summary

Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.

References

http://www.securityfocus.com/archive/1/487983/100/100/thr...

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2008/0572

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/27752

vdb-entryx_refsource_BID

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 19, 2008
Vulnerability Reserved
Dec 5, 2007