CVE-2010-0010

NONECVSS 0.0

0.0

Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.

🔗 References (46)

secalert@redhathttp://archives.neohapsis.com/archives/fulldisclosure/2010-01/0589.html
secalert@redhathttp://blog.pi3.com.pl/?p=69
secalert@redhathttp://httpd.apache.org/dev/dist/CHANGES_1.3.42
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
secalert@redhathttp://marc.info/?l=bugtraq&m=130497311408250&w=2
secalert@redhathttp://packetstormsecurity.org/1001-exploits/modproxy-overflow.txt
secalert@redhathttp://secunia.com/advisories/38319
secalert@redhathttp://secunia.com/advisories/39656
secalert@redhathttp://site.pi3.com.pl/adv/mod_proxy.txt
secalert@redhathttp://www.securityfocus.com/archive/1/509185/100/0/threaded
secalert@redhathttp://www.securityfocus.com/bid/37966
secalert@redhathttp://www.securitytracker.com/id?1023533
secalert@redhathttp://www.vupen.com/english/advisories/2010/0240
secalert@redhathttp://www.vupen.com/english/advisories/2010/1001
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/55941

Is Your Infrastructure Affected by CVE-2010-0010?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2010-0010

📅 Published

🔄 Last Modified

🔗 References (46)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2010-0010?