Description
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-3806 Vulnerability (CVE-2013-3806)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8286)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1805)
Moodle DEPRECATED: Code Vulnerability (CVE-2015-3177)
WordPress Plugin MiwoEvents-Manage & Book Events Unspecified Vulnerability (1.2.0)