Description

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

Remediation

References

CVE-2013-1862

Related Vulnerabilities

WordPress Plugin Live Chat with Facebook Messenger Cross-Site Scripting (1.4.4)

SharePoint CVE-2024-38018 Vulnerability (CVE-2024-38018)

Internet Information Services Other Vulnerability (CVE-2001-0709)

WordPress Plugin Simple Membership Cross-Site Request Forgery (3.8.4)

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961)

Severity

Medium

Classification

CVE-2013-1862

Tags

Missing Update Known Vulnerabilities