CVE Vulnerabilities

CVE-2010-3872

Published: Nov 22, 2010 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash.

Affected Software

Name Vendor Start Version End Version
Mod_fcgid Apache 2.3.1 2.3.1
Mod_fcgid Apache 2.3.2 2.3.2
Mod_fcgid Apache 2.3.4 2.3.4
Mod_fcgid Apache * 2.3.5
Mod_fcgid Apache 2.3.3 2.3.3

References