Description

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.

Remediation

References

CVE-2004-0786

Related Vulnerabilities

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3391)

WordPress Plugin CSS & JavaScript Toolbox SQL Injection (9.2)

WordPress Plugin Better Search SQL Injection (2.2.2)

MyBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20225)

Severity

Medium

Classification

CVE-2004-0786

Tags

Missing Update Known Vulnerabilities