Description
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Remediation
References
Related Vulnerabilities
phpMyFAQ 7PK - Security Features Vulnerability (CVE-2014-6050)
WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3)
MySQL CVE-2023-22057 Vulnerability (CVE-2023-22057)
MediaWiki Improper Input Validation Vulnerability (CVE-2017-0370)
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.5.1)