CVE-2009-1903
Summary
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
- MEDIUM
- NETWORK
- NONE
- NONE
- NONE
- PARTIAL
References
Advisory Timeline
- Published