Back to search
CVE-2010-0425
Published: Mar 5, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.vmware.com/security/advisories/VMSA-2010-0014.html
x_refsource_CONFIRM
39628
third-party-advisory
x_refsource_SECUNIA
ADV-2010-0634
vdb-entry
x_refsource_VUPEN
PM12247
vendor-advisory
x_refsource_AIXAPAR
1023701
vdb-entry
x_refsource_SECTRACK
38494
vdb-entry
x_refsource_BID
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
x_refsource_CONFIRM
PM09447
vendor-advisory
x_refsource_AIXAPAR
http://httpd.apache.org/security/vulnerabilities_20.html
x_refsource_CONFIRM
VU#280613
third-party-advisory
x_refsource_CERT-VN
38978
third-party-advisory
x_refsource_SECUNIA
[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues
mailing-list
x_refsource_MLIST
http://httpd.apache.org/security/vulnerabilities_22.html
x_refsource_CONFIRM
http://svn.apache.org/viewvc?view=revision&revision=917870
x_refsource_CONFIRM
oval:org.mitre.oval:def:8439
vdb-entry
signature
x_refsource_OVAL
http://www.senseofsecurity.com.au/advisories/SOS-10-002
x_refsource_MISC
apache-http-modisapi-ocp-unspecified(56624)
vdb-entry
x_refsource_XF
ADV-2010-0994
vdb-entry
x_refsource_VUPEN
https://www.exploit-db.com/exploits/11650
x_refsource_MISC
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [6/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [6/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now