Description
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin ALO EasyMail Newsletter Cross-Site Scripting (2.8.1)
Oracle Application Server CVE-2008-7234 Vulnerability (CVE-2008-7234)
Magento Improper Input Validation Vulnerability (CVE-2019-7899)
Jenkins Inadequate Encryption Strength Vulnerability (CVE-2017-2598)
Oracle Database Server CVE-2014-6514 Vulnerability (CVE-2014-6514)