CVE-2015-3183 in SPARC Enterprise Serverinfo

Summary

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/10/2015

Disclosure

07/20/2015

Moderation

VulDB entry created

Entries

VDB-90093 (3)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

7.5

EPSS

0.28343

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3183
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3183
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3183/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!