Heap-based Buffer Overflow in Apache HTTP Server's mod_fcgid Module
CVE-2013-4365

Currently unrated

Key Information:

Vendor: Apache
Status: Mod Fcgid
Vendor: CVE Published:; 17 October 2013

Summary

A heap-based buffer overflow vulnerability exists in the fcgid_header_bucket_read function within the mod_fcgid module of the Apache HTTP Server. This vulnerability enables remote attackers to exploit the flaw through unspecified vectors, potentially compromising the security of the system.

References

http://secunia.com/advisories/55197

third-party-advisoryx_refsource_SECUNIA

http://lists.opensuse.org/opensuse-updates/2013-10/msg000...

vendor-advisoryx_refsource_SUSE

http://lists.opensuse.org/opensuse-updates/2013-10/msg000...

vendor-advisoryx_refsource_SUSE

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 17, 2013
Vulnerability Reserved
Jun 12, 2013