Description

mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.

Remediation

References

CVE-2003-0789

Related Vulnerabilities

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3226)

Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)

WordPress Directory Traversal (3.7 - 5.0.3)

CakePHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4399)

WordPress Plugin Ivory Search-WordPress Search Multiple Cross-Site Scripting Vulnerabilities (5.4)

Severity

Critical

Classification

CVE-2003-0789

Tags

Missing Update Known Vulnerabilities