CVE-2014-3583

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Os X Server
Vendor: CVE Published:; 15 December 2014

Summary

The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.

References

http://httpd.apache.org/security/vulnerabilities_24.html

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1163555

x_refsource_CONFIRM

http://www.ubuntu.com/usn/USN-2523-1

vendor-advisoryx_refsource_UBUNTU

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 15, 2014
Vulnerability Reserved
May 14, 2014