| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2010-3872 |
| Description: |
The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "untrusted FastCGI applications" and a "stack buffer overwrite."
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2010-3872
Mitre CVE-2010-3872
SUSE CVE-2010-3872
openSUSE-SU-2011:0884-1
openSUSE-SU-2011:0884-1
SUSE-SU-2011:0885-1
SUSE-SU-2011:0885-1
|
| Platform(s): | openSUSE 11.3
openSUSE Tumbleweed
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP4
| Product(s): | |
| Definition Synopsis |
| Release Information sle11-sp1-sdk is installed
AND apache2-mod_fcgid less than 2.2-31.21.1
OR Package Information
suse113 is installed
AND apache2-mod_fcgid less than 2.2-101.3.1
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
AND apache2-mod_fcgid-2.2-31.27 is installed
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND apache2-mod_fcgid-2.3.9-7.3 is installed
|