DescriptionInteger overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- SUSE-SR:2010:010, published Tue, 27 Apr 2010 13:00:00 +0000