CVE-2013-1862 in Oracle HTTP Serverinfo

Summary

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

Reservation

02/19/2013

Disclosure

06/10/2013

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
11814	Oracle HTTP Server Web Listener cryptographic issue	310	Not defined	Official fix	CVE-2013-1862
8746	Apache HTTP Server Log File Terminal Escape Sequence Filtering mod_rewrite.c do_rewritelog cryptographic issue	310	Unproven	Official fix	CVE-2013-1862

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!