CVE-2014-3581
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| NULL Pointer Dereference The product dereferences a pointer that it expects to be valid but is NULL. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Products Mentioned
Configuraton 0
Apache>>Http_server >> Version 2.4.1
- Apache>>Http_server >> Version 2.4.1 (Open CPE detail)
Apache>>Http_server >> Version 2.4.2
- Apache>>Http_server >> Version 2.4.2 (Open CPE detail)
Apache>>Http_server >> Version 2.4.3
- Apache>>Http_server >> Version 2.4.3 (Open CPE detail)
Apache>>Http_server >> Version 2.4.4
- Apache>>Http_server >> Version 2.4.4 (Open CPE detail)
Apache>>Http_server >> Version 2.4.6
- Apache>>Http_server >> Version 2.4.6 (Open CPE detail)
Apache>>Http_server >> Version 2.4.7
- Apache>>Http_server >> Version 2.4.7 (Open CPE detail)
Apache>>Http_server >> Version 2.4.9
- Apache>>Http_server >> Version 2.4.9 (Open CPE detail)
Apache>>Http_server >> Version 2.4.10
- Apache>>Http_server >> Version 2.4.10 (Open CPE detail)
Configuraton 0
Canonical>>Ubuntu_linux >> Version 10.04
- Canonical>>Ubuntu_linux >> Version 10.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 12.04
- Canonical>>Ubuntu_linux >> Version 12.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 14.04
- Canonical>>Ubuntu_linux >> Version 14.04 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 14.10
- Canonical>>Ubuntu_linux >> Version 14.10 (Open CPE detail)
Configuraton 0
Redhat>>Enterprise_linux_desktop >> Version 7.0
- Redhat>>Enterprise_linux_desktop >> Version 7.0 (Open CPE detail)
- Redhat>>Enterprise_linux_desktop >> Version 7.0 (Open CPE detail)
Redhat>>Enterprise_linux_eus >> Version 7.3
- Redhat>>Enterprise_linux_eus >> Version 7.3 (Open CPE detail)
Redhat>>Enterprise_linux_eus >> Version 7.4
- Redhat>>Enterprise_linux_eus >> Version 7.4 (Open CPE detail)
Redhat>>Enterprise_linux_eus >> Version 7.5
- Redhat>>Enterprise_linux_eus >> Version 7.5 (Open CPE detail)
Redhat>>Enterprise_linux_eus >> Version 7.6
- Redhat>>Enterprise_linux_eus >> Version 7.6 (Open CPE detail)
Redhat>>Enterprise_linux_eus >> Version 7.7
- Redhat>>Enterprise_linux_eus >> Version 7.7 (Open CPE detail)
Redhat>>Enterprise_linux_server >> Version 7.0
- Redhat>>Enterprise_linux_server >> Version 7.0 (Open CPE detail)
- Redhat>>Enterprise_linux_server >> Version 7.0 (Open CPE detail)
Redhat>>Enterprise_linux_server_aus >> Version 7.3
- Redhat>>Enterprise_linux_server_aus >> Version 7.3 (Open CPE detail)
Redhat>>Enterprise_linux_server_aus >> Version 7.4
- Redhat>>Enterprise_linux_server_aus >> Version 7.4 (Open CPE detail)
Redhat>>Enterprise_linux_server_aus >> Version 7.6
- Redhat>>Enterprise_linux_server_aus >> Version 7.6 (Open CPE detail)
Redhat>>Enterprise_linux_server_aus >> Version 7.7
- Redhat>>Enterprise_linux_server_aus >> Version 7.7 (Open CPE detail)
Redhat>>Enterprise_linux_server_tus >> Version 7.3
- Redhat>>Enterprise_linux_server_tus >> Version 7.3 (Open CPE detail)
Redhat>>Enterprise_linux_server_tus >> Version 7.6
- Redhat>>Enterprise_linux_server_tus >> Version 7.6 (Open CPE detail)
Redhat>>Enterprise_linux_server_tus >> Version 7.7
- Redhat>>Enterprise_linux_server_tus >> Version 7.7 (Open CPE detail)
Configuraton 0
Oracle>>Enterprise_manager_ops_center >> Version To (excluding) 12.1.4
- Oracle>>Enterprise_manager_ops_center >> Version 11.1 (Open CPE detail)
- Oracle>>Enterprise_manager_ops_center >> Version 11.1.3 (Open CPE detail)
- Oracle>>Enterprise_manager_ops_center >> Version 12.1 (Open CPE detail)
- Oracle>>Enterprise_manager_ops_center >> Version 12.1.3 (Open CPE detail)
Oracle>>Enterprise_manager_ops_center >> Version 12.2.0
- Oracle>>Enterprise_manager_ops_center >> Version 12.2.0 (Open CPE detail)
Oracle>>Enterprise_manager_ops_center >> Version 12.2.1
- Oracle>>Enterprise_manager_ops_center >> Version 12.2.1 (Open CPE detail)
Oracle>>Enterprise_manager_ops_center >> Version 12.3.0
- Oracle>>Enterprise_manager_ops_center >> Version 12.3.0 (Open CPE detail)
Oracle>>Linux >> Version 6
- Oracle>>Linux >> Version 6 (Open CPE detail)
References
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
Tags : vendor-advisory, x_refsource_APPLE
Tags : vendor-advisory, x_refsource_APPLE
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
Tags : vendor-advisory, x_refsource_APPLE
Tags : vendor-advisory, x_refsource_APPLE
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
2025©
tesweb SA
