CVE-2014-0098 in Apple MacOS Xinfo

Summary

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

Reservation

12/03/2013

Disclosure

03/18/2014

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
74703	Apple MacOS X Apache input validation	20	Not defined	Official fix	CVE-2014-0098
68666	Oracle HTTP Server Web Listener input validation	20	Not defined	Official fix	CVE-2014-0098
67998	Apple Mac OS X input validation	20	Not defined	Official fix	CVE-2014-0098
67147	Oracle Secure Global Desktop input validation	20	Not defined	Official fix	CVE-2014-0098
12667	Apache HTTP Server mod_log_config.c log_cookie input validation	20	Unproven	Official fix	CVE-2014-0098

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸