Information disclosure vulnerability in ap_read_request function in server/protocol.c in the Apache HTTP Server in Apple Mac OS XID: oval:org.secpod.oval:def:4712 | Date: (C)2012-03-12 (M)2024-02-19 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle headers in subrequests in certain circumstances involving a parent request that has a body. Successful exploitation could allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
Platform: |
Apple Mac OS X 10.6 |
Apple Mac OS X Server 10.6 |