• Close
  • Back to search

    Apache HTTPD: APR-util XML DoS (CVE-2009-1955)

    Severity CVSS Published Added Modified
    8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) June 06, 2009 April 11, 2012 February 12, 2015

    Description

    The affected asset is vulnerable to this vulnerability ONLY if an attacker could convince Apache to consume a specially crafted XML document. Review your web server configuration for validation. A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.

    Free Nexpose Download

    Discover, prioritize, and remediate security risks today!

     Download now

    References

    Solution

    apache-httpd-upgrade-2_2_12

    Related Vulnerabilities