CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 0CVE-2007-3847 – httpd: out of bounds read
https://notcve.org/view.php?id=CVE-2007-3847
23 Aug 2007 — The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. La fecha que maneja el código en modules/proxy/proxy_util.c (mod_proxy) en Apache 2.3.0, cuando se utiliza un MPM hilado, permite a servidores origen remotos provocar denegación de servicio (caida del proceso de proxy del cacheo de respuesta)a travé... • http://bugs.gentoo.org/show_bug.cgi?id=186219 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2007-4045 – Incomplete fix for CVE-2007-0720 CUPS denial of service
https://notcve.org/view.php?id=CVE-2007-4045
27 Jul 2007 — The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. El servicio CUPS, tal y como es usado en SUSE Linux versiones anteriores a 20070720 y otras distribuciones de Linux, permite a atacantes remotos causar una denegación de servicio por medio de vectores no especificados relaciona... • http://bugs.gentoo.org/show_bug.cgi?id=199195 •
CVSS: 6.1EPSS: 28%CPEs: 17EXPL: 0CVE-2006-5752 – httpd mod_status XSS
https://notcve.org/view.php?id=CVE-2006-5752
27 Jun 2007 — Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en mod_status.c en el módulo mod_status en Apache HTTP Server (httpd)... • http://bugs.gentoo.org/show_bug.cgi?id=186219 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2007-3304 – httpd scoreboard lack of PID protection
https://notcve.org/view.php?id=CVE-2007-3304
20 Jun 2007 — Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer." Apache httpd versiones 1.3.37, 2.0.59 y 2.2.4 con el módulo Prefork MPM, permite a los usuarios locales causar una denegación de servicio por la modificación de las matrices worker_score y process_score para hacer referencia ... • ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc •