CVE-2016-5387 in macOSजानकारी

सारांश

द्वारा MITRE

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

आरक्षित करना

10/06/2016

प्रकटीकरण

18/07/2016

संयम

स्वीकृत

प्रविष्टि

CPE

तैयार

CWE

CWE-284 (पुष्टि की गई)

CVSS

8.1 (NVD)

EPSS

0.51564

KEV

नहीं

गतिविधियाँ

बहुत कम

क्षेत्र

Pharma, Transportation, ...

स्रोत

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5387
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5387
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5387/

◂ पिछला सिंहावलोकन अगला ▸

Do you know our Splunk app?

Download it now for free!