KLA10792
Denial of service vulnerability in Apache Subversion
Обновлено: 17/06/2019
Дата обнаружения
14/01/2016
Уровень угрозы
Critical
Описание

An integer overflow was found in Apache Subversion. By exploiting this vulnerability malicious authenticated users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request.


Technical details

This vulnerability can be triggered via a skel-encoded request body which can cause out-of-bounds read and heap-based buffer overflow.

Пораженные продукты

Apache Subversion versions earlier than 1.8.15
Apache Subversion 1.9 versions earlier than 1.9.3

Решение

Update to the latest version
Get Apache Subversion

Первичный источник обнаружения
Apache advisory
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Apache Subversion
CVE-IDS
CVE-2015-53438.0Critical