5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.425 Medium
EPSS
Percentile
97.3%
Versions of Apache 2.2 earlier than 2.2.17 are potentially affected by multiple vulnerabilities :
Errors exist in the bundled expat library that may allow an attacker to crash the server when a buffer is over-read when parsing an XML document. (CVE-2009-3720 and CVE-2009-3560)
An error exists in the ‘apr_brigade_split_line’ function in the bundled APR-util library. Carefully timed bytes in requests result in gradual memory increases leading to a denial of service. (CVE-2010-1623)
Binary data 6793.prm
Vendor | Product | Version | CPE |
---|---|---|---|
apache | http_server | 2.2 | cpe:/a:apache:http_server:2.2 |