Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Apr-util | Apache | * | 1.3.4 (including) |