Numeric Errors
CVE-2009-2412
Summary
Multiple integer overflows in the Apache Portable Runtime (APR) library in versions APACHE_2_0_20 prior to 0.9.19, 1.0.x, 1.1.x, 1.2.x, and 1.3.x prior to 1.3.8, and in the Apache Portable Utility (APR-util) library in versions 0.9.x prior to 0.9.18 and 1.3.x prior to 1.3.9, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code. The overflows are reached via vectors that trigger crafted calls to the "allocator_alloc" or "apr_palloc" function in 'memory/unix/apr_pools.c' in APR, or crafted calls to the "apr_rmm_malloc", "apr_rmm_calloc", or "apr_rmm_realloc" function in 'misc/apr_rmm.c' in APR-util, and they lead to buffer overflows. This issue affects the Apache HTTP Server in versions 2.0.35 through 2.0.63, and 2.2.0 through 2.2.12. NOTE: some of these details are obtained from third-party information.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-189 - Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Advisory Timeline
- Published