Description

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

Remediation

References

CVE-2013-1862

Related Vulnerabilities

MySQL CVE-2017-3461 Vulnerability (CVE-2017-3461)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671)

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.32.7212)

Oracle Database Server CVE-2012-3146 Vulnerability (CVE-2012-3146)

Oracle Application Server CVE-2007-5526 Vulnerability (CVE-2007-5526)

Severity

Medium

Classification

CVE-2013-1862

Tags

Missing Update Known Vulnerabilities