CVE-2004-0493
published 2004-08-06CVE-2004-0493: The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer…
medium6.4CVSS 3.1
AVNACLAuNCNIPAP
EXPLOIT
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | — | — |
| apache | http_server | — | — |
| apache | http_server | — | — |
| avaya | converged_communications_server | — | — |
| avaya | s8300 | — | — |
| avaya | s8500 | — | — |
| avaya | s8700 | — | — |
| debian | apache2 | < apache2 2.0.50-1 (bookworm) | apache2 2.0.50-1 (bookworm) |
| gentoo | linux | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| ibm | http_server | — | — |
| trustix | secure_linux | — | — |
| trustix | secure_linux | — | — |
| trustix | secure_linux | — | — |
CVSS provenance
nvd6.4MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:P
osv6.4MEDIUM