CVE-2007-1862 — Apache Http Server vulnerability

6 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
10.7%
top 6.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Http Server
Timeline
PublishedJun 4
Latest updateMay 1

Description

The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDapache/http_server2.2.4

🔴Vulnerability Details

2
GHSA
GHSA-9crv-77hm-6xmm: The recall_headers function in mod_mem_cache in Apache 2↗2022-05-01
â–¶
CVEList
CVE-2007-1862: The recall_headers function in mod_mem_cache in Apache 2↗2007-06-04
â–¶

📋Vendor Advisories

2
Debian
CVE-2007-1862: apache2 - The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly c...↗2007
â–¶
Red Hat
httpd's mod_mem_cache sensitive information disclosure↗
â–¶

💬Community

1
Bugzilla
CVE-2007-1862 httpd's mod_mem_cache sensitive information disclosure↗2007-06-05
â–¶
CVE-2007-1862 — Apache Http Server vulnerability | cvebase