CVE-2007-6258

mod_jk2 <2.0.3-DEV - RCE

Title source: llm

Description

Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.

Exploits (2)

exploitdb WORKING POC VERIFIED
by INetCop Security · textremotelinux
https://www.exploit-db.com/exploits/5386
exploitdb WORKING POC VERIFIED
by Heretic2 · cremotewindows_x86
https://www.exploit-db.com/exploits/5330

References (9)

Scores

EPSS 0.3939
EPSS Percentile 97.3%

Details

CWE
CWE-119
Status published
Products (5)
apache/mod_jk 2.0
apache/mod_jk 2.0.1
apache/mod_jk 2.0.2
apache/mod_jk 2.0.3_dev
f5/big-ip 9.2.3.30
Published Feb 19, 2008
Tracked Since Feb 18, 2026