CVE-2014-0242 in mod_wsgiinfo

Summary

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

Reservation

12/03/2013

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
146807	mod_wsgi Embedded Mode information disclosure	200	Proof-of-Concept	Official fix	CVE-2014-0242
13299	Apache HTTP Server mod_wsgi information disclosure	200	Proof-of-Concept	Official fix	CVE-2014-0242

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!