CVE - CVE-2007-1862

CVE-ID
CVE-2007-1862	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://issues.apache.org/bugzilla/show_bug.cgi?id=41551 CONFIRM:http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff CONFIRM:http://httpd.apache.org/security/vulnerabilities_22.html CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=186219 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html FEDORA:FEDORA-2007-2214 URL:http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html GENTOO:GLSA-200711-06 URL:http://security.gentoo.org/glsa/glsa-200711-06.xml MANDRIVA:MDKSA-2007:127 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:127 MANDRIVA:MDVSA-2013:150 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 BID:24553 URL:http://www.securityfocus.com/bid/24553 VUPEN:ADV-2007-2231 URL:http://www.vupen.com/english/advisories/2007/2231 VUPEN:ADV-2007-2727 URL:http://www.vupen.com/english/advisories/2007/2727 OSVDB:38641 URL:http://osvdb.org/38641 SECUNIA:26273 URL:http://secunia.com/advisories/26273 SECUNIA:26842 URL:http://secunia.com/advisories/26842 SECUNIA:27563 URL:http://secunia.com/advisories/27563
Assigning CNA
N/A
Date Entry Created
20070404	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070404)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Common Vulnerabilities and Exposures

CVE-2007-1862