VDB
CVE-2015-1130
CVE-2015-1130
PUBLISHED
KEV
CVSS 7.199999809265137 HIGH
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
EPSS 23.42% · 96.1th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
23.42%
96.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | mac_os_x | 0, 0, 0 |
| n/a | n/a | n/a, n/a |
Exploit Intelligence
- Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) (github-poc-repo)
- Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) (github-poc-repo)
- Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) (github-poc-repo)
- Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) (github-poc-repo)
- Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) (github-poc-repo)
- Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) (github-poc-repo)
- RootPipe (CVE-2015-1130) and Phoenix (CVE-2015-3673) vulnerability testing utility for Mac OS X 10.2.8 and later (github-poc-repo)
- RootPipe (CVE-2015-1130) and Phoenix (CVE-2015-3673) vulnerability testing utility for Mac OS X 10.2.8 and later (github-poc-repo)
- RootPipe (CVE-2015-1130) and Phoenix (CVE-2015-3673) vulnerability testing utility for Mac OS X 10.2.8 and later (github-poc-repo)
- RootPipe (CVE-2015-1130) and Phoenix (CVE-2015-3673) vulnerability testing utility for Mac OS X 10.2.8 and later (github-poc-repo)
…and 233 more exploits
Timeline
- Jan 17, 1970 VulnCheck XDB Entry
- Jan 17, 1970 VulnCheck XDB Entry
- Apr 9, 2015 CVE Published
- Apr 9, 2015 PoC Published
- Apr 12, 2015 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Feb 10, 2022 CISA KEV Added
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
References
- 120418 vdb
- https://support.apple.com/HT204659 url
- 73982 vdb
- 36692 exploit
- 1032048 vdb
- APPLE-SA-2015-04-08-2 vendor-advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1130 url
- https://nvd.nist.gov/vuln/detail/CVE-2015-1130 advisory
- https://www.exploit-db.com/exploits/36692 url
- HPSBUX03512 vendor-advisory
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html url
- http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES url
- GLSA-201504-03 vendor-advisory
- RHSA-2015:1249 vendor-advisory
- RHSA-2016:0061 vendor-advisory
- RHSA-2015:0325 vendor-advisory
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html url
- MDVSA-2014:174 vendor-advisory
- USN-2523-1 vendor-advisory
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html url
…and 34 more