Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.
2013-10-17T23:55:04.470
2025-04-11T00:51:21.963
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | apache | mod_fcgid | < 2.3.9 | Yes |
Application | apache | http_server | * | No |
Operating System | debian | debian_linux | 6.0 | Yes |
Operating System | debian | debian_linux | 7.0 | Yes |
Application | suse | cloud | 1.0 | Yes |
Application | suse | cloud | 2.0 | Yes |
Operating System | opensuse | opensuse | 11.4 | Yes |
Operating System | opensuse | opensuse | 12.2 | Yes |
Operating System | opensuse | opensuse | 12.3 | Yes |
Operating System | suse | linux_enterprise_software_development_kit | 11 | Yes |
Operating System | suse | linux_enterprise_software_development_kit | 11 | Yes |