Description

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.

Remediation

References

CVE-2009-1956

Related Vulnerabilities

WordPress Plugin WP Activity Log Premium SQL Injection (4.6.4)

MySQL CVE-2022-39400 Vulnerability (CVE-2022-39400)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-20151)

Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-4010)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3394)

Severity

Medium

Classification

CVE-2009-1956

Tags

Missing Update Known Vulnerabilities