KLA10792
Denial of service vulnerability in Apache Subversion

Updated: 06/03/2020
Detect date: 01/14/2016
Severity: Critical
Description

An integer overflow was found in Apache Subversion. By exploiting this vulnerability, malicious authenticated users can cause a denial of service or possibly execute arbitrary code. The vulnerability can be exploited remotely via a specially crafted request.


Technical details

This vulnerability can be triggered via a skel-encoded request body, which can cause an out-of-bounds read and a heap-based buffer overflow.

Affected products

Apache Subversion versions earlier than 1.8.15
Apache Subversion 1.9 versions earlier than 1.9.3

Solution

Update to the latest version
Get Apache Subversion

Original advisories

Apache advisory

Impacts

DoS

Related products

Apache Subversion

CVE-IDS

CVE-2015-5343 (8.0, Critical)