CVE-2017-9788 in macOSinfo

Zusammenfassung

von MITRE

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

21.06.2017

Veröffentlichung

13.07.2017

Moderieren

akzeptiert

Eintrag

Verknüpfen

zeigen

CPE

bereit

CWE

CWE-20 (bestätigt)

CVSS

9.1 (NVD)

EPSS

0.49498

KEV

nein

Aktivitäten

very low

Sektor

Hospital, Finance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-9788
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-9788
CVE Details	https://www.cvedetails.com/cve/CVE-2017-9788/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!