CVE-2004-0492
published 2004-08-06CVE-2004-0492: Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and…
critical10CVSS 3.1
AVNACLAuNCCICAC
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | — | — |
| apache | http_server | — | — |
| apache | http_server | — | — |
| apache | http_server | — | — |
| apache | http_server | — | — |
| hp | virtualvault | — | — |
| hp | vvos | — | — |
| hp | webproxy | — | — |
| hp | webproxy | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| openbsd | openbsd | — | — |
| openbsd | openbsd | — | — |
| sgi | propack | — | — |