Memory Leak Vulnerability in Apache Portable Runtime Utility Library
CVE-2010-1623

Currently unrated

Key Information:

Vendor: Apache
Status: Apr-util
Vendor: CVE Published:; 4 October 2010

What is CVE-2010-1623?

A memory leak exists in the apr_brigade_split_line function of the Apache Portable Runtime Utility library, which can lead to increased memory consumption. This vulnerability allows remote attackers to exploit the leak, potentially leading to denial of service through unspecified vectors relating to the management of an APR bucket. Users are advised to upgrade to APR-util version 1.3.10 or later to mitigate this risk.

References

http://svn.apache.org/viewvc?view=revision&revision=1003494

x_refsource_CONFIRM

http://svn.apache.org/viewvc?view=revision&revision=1003492

x_refsource_CONFIRM

http://secunia.com/advisories/43285

third-party-advisoryx_refsource_SECUNIA

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2010
Vulnerability Reserved
Apr 29, 2010