CVE-2011-4415

Exp

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.

Published: 2011-11-08 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2011-4415 is rated Exploit Available (50/100): CVSS Low severity, with medium exploitation likelihood (EPSS 3.10%). Core evidence: 3 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2011-4415

EDB-ID Source Kind Published Link
41769 exploit_db edb 2011-11-02 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2011-4415

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-23 3.28% 3.10% -0.18%
2 2026-06-15 0.45% 3.28% +2.83%
3 2026-03-04 0.45%

Full EPSS history (31 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-4415

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
1.2 2.0 LOW
AV:L/AC:H/Au:N/C:N/I:N/A:P Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:H)
Exploitation requires uncommon or highly specific conditions.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:P)
Partial availability impact.
1.9 2.9 [email protected]

Weakness enumeration for CVE-2011-4415

OS Trackers for CVE-2011-4415

vendor priority summary link
debian unimportant CVE-2011-4415 unimportant priority: Debian including 1 source packages (apache2), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2011-4415
redhat low https://access.redhat.com/security/cve/CVE-2011-4415
ubuntu low CVE-2011-4415 low priority: Ubuntu including 1 source packages (apache2), 6 status rows across 6 suites (hardy, lucid, maverick, natty, oneiric, upstream): ignored 6. https://ubuntu.com/security/CVE-2011-4415

Affected software / configurations for CVE-2011-4415

Vendor Product Version Raw CPE
apache http_server 2.0 cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
apache http_server 2.0.9 cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*
apache http_server 2.0.28 cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*
apache http_server 2.0.28 cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
apache http_server 2.0.32 cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*
apache http_server 2.0.32 cpe:2.3:a:apache:http_server:2.0.32:beta:*:*:*:*:*:*
apache http_server 2.0.34 cpe:2.3:a:apache:http_server:2.0.34:beta:*:*:*:*:*:*
apache http_server 2.0.35 cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*
apache http_server 2.0.36 cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*
apache http_server 2.0.37 cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*
apache http_server 2.0.38 cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*
apache http_server 2.0.39 cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
apache http_server 2.0.40 cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
apache http_server 2.0.41 cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*
apache http_server 2.0.42 cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*
apache http_server 2.0.43 cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*
apache http_server 2.0.44 cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*
apache http_server 2.0.45 cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*
apache http_server 2.0.46 cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*
apache http_server 2.0.47 cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
apache http_server 2.0.48 cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
apache http_server 2.0.49 cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
apache http_server 2.0.50 cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*
apache http_server 2.0.51 cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*
apache http_server 2.0.52 cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*
apache http_server 2.0.53 cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*
apache http_server 2.0.54 cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*
apache http_server 2.0.55 cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*
apache http_server 2.0.56 cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*
apache http_server 2.0.57 cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*
apache http_server 2.0.58 cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*
apache http_server 2.0.59 cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*
apache http_server 2.0.60 cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*
apache http_server 2.0.61 cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*
apache http_server 2.0.63 cpe:2.3:a:apache:http_server:2.0.63:*:*:*:*:*:*:*
apache http_server 2.0.64 cpe:2.3:a:apache:http_server:2.0.64:*:*:*:*:*:*:*
apache http_server 2.2.0 cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
apache http_server 2.2.1 cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
apache http_server 2.2.2 cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
apache http_server 2.2.3 cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
apache http_server 2.2.4 cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
apache http_server 2.2.6 cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
apache http_server 2.2.8 cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
apache http_server 2.2.9 cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
apache http_server 2.2.10 cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
apache http_server 2.2.11 cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
apache http_server 2.2.12 cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
apache http_server 2.2.13 cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
apache http_server 2.2.14 cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
apache http_server 2.2.15 cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
apache http_server 2.2.16 cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
apache http_server 2.2.18 cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
apache http_server 2.2.19 cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
apache http_server 2.2.20 cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
apache http_server 2.2.21 cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*

References for CVE-2011-4415

cvelogic Threat Intelligence