Skip to main content

CVE-2004-0492

Severity High
Score 10/10

Summary

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

  • LOW
  • NETWORK
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

References

Advisory Timeline

  • Published