Back to search

Apache httpd APR-util XML DoS (CVE-2009-1955)

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) June 06, 2009 June 29, 2010 January 09, 2013

Description

The affected asset is vulnerable to this Apache vulnerability ONLY if an attacker could convince Apache to consume a specially crafted XML document. Review your Web server configuration for validation.

A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Related Vulnerabilities