CVE-2007-1862

Apache HTTP Server 2.2.4 - Information Disclosure via mod_mem_cache Header Handling

Title source: llm
STIX 2.1

Description

The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.

References (30)

Core 30
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24553
Various Sources x_refsource_confirm
http://issues.apache.org/bugzilla/show_bug.cgi?id=41551
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27563
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38641
Various Sources x_refsource_confirm
http://httpd.apache.org/security/vulnerabilities_22.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200711-06.xml
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:127
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26842
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2231
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2727
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26273
Issue Tracking x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=186219

Scores

EPSS 0.0591
EPSS Percentile 92.4%

Details

Status published
Products (1)
apache/http_server 2.2.4
Published Jun 04, 2007
Tracked Since Feb 18, 2026