CVE-2006-3747 in WebSphere Application Serverinfo

Summary

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

07/20/2006

Disclosure

07/28/2006

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
2701	IBM WebSphere Application Server handleservantnotification numeric error	189	High	Official fix	CVE-2006-3747
2700	IBM WebSphere Application Server Eal4 Authentication numeric error	189	High	Official fix	CVE-2006-3747
2699	IBM WebSphere Application Server numeric error	189	High	Official fix	CVE-2006-3747
2414	Apache HTTP Server mod_rewrite numeric error	189	High	Official fix	CVE-2006-3747

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸