Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
httpdApache Team FoundationHTTPD:CE69C4ECDA46256846F1C251D5FB13D9
HistoryAug 21, 2009 - 12:00 a.m.

Apache Httpd < 2.0.64 : expat DoS

2009-08-2100:00:00
Apache Team Foundation
httpd.apache.org
13

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.027

Percentile

90.6%

JSON

A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.

Affected configurations

Vulners
Node
apacheapache_httpdMatch2.0.63
OR
apacheapache_httpdMatch2.0.61
OR
apacheapache_httpdMatch2.0.59
OR
apacheapache_httpdMatch2.0.58
OR
apacheapache_httpdMatch2.0.55
OR
apacheapache_httpdMatch2.0.54
OR
apacheapache_httpdMatch2.0.53
OR
apacheapache_httpdMatch2.0.52
OR
apacheapache_httpdMatch2.0.51
OR
apacheapache_httpdMatch2.0.50
OR
apacheapache_httpdMatch2.0.49
OR
apacheapache_httpdMatch2.0.48
OR
apacheapache_httpdMatch2.0.47
OR
apacheapache_httpdMatch2.0.46
OR
apacheapache_httpdMatch2.0.45
OR
apacheapache_httpdMatch2.0.44
OR
apacheapache_httpdMatch2.0.43
OR
apacheapache_httpdMatch2.0.42
OR
apacheapache_httpdMatch2.0.40
OR
apacheapache_httpdMatch2.0.39
OR
apacheapache_httpdMatch2.0.37
OR
apacheapache_httpdMatch2.0.36
OR
apacheapache_httpdMatch2.0.35
VendorProductVersionCPE
apacheapache_httpd2.0.63cpe:2.3:a:apache:apache_httpd:2.0.63:*:*:*:*:*:*:*
apacheapache_httpd2.0.61cpe:2.3:a:apache:apache_httpd:2.0.61:*:*:*:*:*:*:*
apacheapache_httpd2.0.59cpe:2.3:a:apache:apache_httpd:2.0.59:*:*:*:*:*:*:*
apacheapache_httpd2.0.58cpe:2.3:a:apache:apache_httpd:2.0.58:*:*:*:*:*:*:*
apacheapache_httpd2.0.55cpe:2.3:a:apache:apache_httpd:2.0.55:*:*:*:*:*:*:*
apacheapache_httpd2.0.54cpe:2.3:a:apache:apache_httpd:2.0.54:*:*:*:*:*:*:*
apacheapache_httpd2.0.53cpe:2.3:a:apache:apache_httpd:2.0.53:*:*:*:*:*:*:*
apacheapache_httpd2.0.52cpe:2.3:a:apache:apache_httpd:2.0.52:*:*:*:*:*:*:*
apacheapache_httpd2.0.51cpe:2.3:a:apache:apache_httpd:2.0.51:*:*:*:*:*:*:*
apacheapache_httpd2.0.50cpe:2.3:a:apache:apache_httpd:2.0.50:*:*:*:*:*:*:*
Rows per page:
1-10 of 231

Related

openvas 91
redhat 3
nessus 62
centos 3
fedora 20
oraclelinux 3
freebsd 2
httpd 1
altlinux 2
veracode 1
prion 1
ubuntucve 2
cvelist 2
debiancve 2
nvd 1
cve 1
f5 1
ubuntu 1
openvas
openvas
Fedora Core 11 FEDORA-2009-10972 (python-4Suite-XML)
2009-11-11 00:00:00
Fedora Core 10 FEDORA-2009-10956 (python-4Suite-XML)
2009-11-11 00:00:00
Fedora Update for SimGear FEDORA-2011-5727
2011-05-05 00:00:00
redhat
redhat
(RHSA-2010:0002) Moderate: PyXML security update
2010-01-04 00:00:00
(RHSA-2009:1572) Moderate: 4Suite security update
2009-11-10 00:00:00
(RHSA-2009:1625) Moderate: expat security update
2009-12-07 00:00:00
nessus
nessus
RHEL 3 / 4 : 4Suite (RHSA-2009:1572)
2009-11-11 00:00:00
Fedora 12 : libtlen-0-0.10.20060309.fc12 (2010-17762)
2010-11-22 00:00:00
Fedora 14 : SimGear-2.0.0-5.fc14 (2011-5727)
2011-05-02 00:00:00
centos
centos
PyXML security update
2010-01-04 23:32:13
4Suite security update
2009-11-10 21:28:54
expat security update
2009-12-07 23:34:29
fedora
fedora
[SECURITY] Fedora 15 Update: SimGear-2.0.0-5.fc15
2011-04-26 16:26:08
[SECURITY] Fedora 10 Update: expat-2.0.1-5.fc10.1
2009-11-04 12:40:57
[SECURITY] Fedora 11 Update: python-4Suite-XML-1.0.2-8.fc11
2009-11-04 12:28:21
oraclelinux
oraclelinux
PyXML security update
2010-01-04 00:00:00
4Suite security update
2009-11-10 00:00:00
expat security update
2009-12-07 00:00:00
freebsd
freebsd
expat2 -- Parser crash with specially formatted UTF-8 sequences
2009-01-17 00:00:00
apr -- multiple vunerabilities
2010-10-02 00:00:00
httpd
httpd
Apache Httpd < 2.2.17 : expat DoS
2009-08-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt1
2010-11-24 00:00:00
Security fix for the ALT Linux 5 package centerim version 4.22.10-alt0.M50P.1
2011-01-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:55:28
prion
prion
Buffer overflow
2009-11-03 16:30:00
ubuntucve
ubuntucve
CVE-2009-3720
2009-11-03 00:00:00
CVE-2009-2625
2009-08-06 00:00:00
cvelist
cvelist
CVE-2009-3720
2009-11-03 16:00:00
CVE-2009-3560
2009-12-04 21:00:00
debiancve
debiancve
CVE-2009-3720
2009-11-03 16:30:12
CVE-2009-3560
2009-12-04 21:30:00
nvd
nvd
CVE-2009-3720
2009-11-03 16:30:12
cve
cve
CVE-2009-3720
2009-11-03 16:30:12
f5
f5
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2014-12-11 00:00:00
ubuntu
ubuntu
Python 2.4 vulnerabilities
2010-01-22 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.027

Percentile

90.6%

JSON
Related for HTTPD:CE69C4ECDA46256846F1C251D5FB13D9
openvas91redhat3nessus62centos3fedora20oraclelinux3freebsd2httpd1altlinux2veracode1prion1ubuntucve2cvelist2debiancve2nvd1cve1f51ubuntu1