CVE-2010-1623

Currently unrated

Key Information:

Vendor: Apache
Status: Apr-util
Vendor: CVE Published:; 4 October 2010

Summary

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.

References

http://svn.apache.org/viewvc?view=revision&revision=1003494

x_refsource_CONFIRM

http://svn.apache.org/viewvc?view=revision&revision=1003492

x_refsource_CONFIRM

http://secunia.com/advisories/43285

third-party-advisoryx_refsource_SECUNIA

EPSS Score

82% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 4, 2010
Vulnerability Reserved
Apr 29, 2010