VDB
CISA-2004-0747
CISA-2004-0747
PUBLISHED
CVSS 7.8 HIGH
Reported by mitre · Published September 17, 2004
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
Risk Scores
CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Sep 17, 2004 CVE Published
- Jan 16, 2025 CVE Updated
- Mar 17, 2026 Security Advisory
References
- SUSE-SA:2004:032 vendor-advisoryx_refsource_SUSE
- RHSA-2004:463 vendor-advisoryx_refsource_REDHAT
- apache-env-configuration-bo(17384) vdb-entryx_refsource_XF
- ADV-2009-1233 vdb-entryx_refsource_VUPEN
- 12540 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:11561 vdb-entrysignaturex_refsource_OVAL
- 34920 third-party-advisoryx_refsource_SECUNIA
- 2004-0047 vendor-advisoryx_refsource_TRUSTIX
- MDKSA-2004:096 vendor-advisoryx_refsource_MANDRAKE
- x_refsource_MISC
- GLSA-200409-21 vendor-advisoryx_refsource_GENTOO
- VU#481998 third-party-advisoryx_refsource_CERT-VN
- 1011303 vdb-entryx_refsource_SECTRACK
- [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
- [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
- [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
- [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
- [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ mailing-listx_refsource_MLIST
- [httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ mailing-listx_refsource_MLIST
- [httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/ mailing-listx_refsource_MLIST
…and 6 more