CVE-2016-2168
Summary
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- LOW
- NONE
- HIGH
References
Advisory Timeline
- Published
