ubuntu · CVE-2007-3847

Quick triage

Priority: low Published: 2007-08-23 22:17:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2007-3847 low priority: Ubuntu including 1 source packages (apache2), 5 status rows across 5 suites (dapper, edgy, feisty, gutsy, upstream): released 4, needs-triage 1.

Description:

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

cvelogic Threat Intelligence