Description
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Map Generator Cross-Site Scripting (1.3.1)
Apache HTTP Server Numeric Errors Vulnerability (CVE-2009-1956)
WordPress 6.2.x Shortcode Execution (6.2 - 6.2.1)
Joomla! Core 3.4.x Cross-Site Scripting (3.4.0 - 3.4.3)
WordPress Plugin Backup and Restore WordPress-WPBackItUp Multiple Vulnerabilities (1.9)