What is the severity of CVE-2010-0010?

CVE-2010-0010 is categorized as a moderate-severity vulnerability due to its potential to cause a denial of service and possibly allow remote code execution.

How do I fix CVE-2010-0010?

To fix CVE-2010-0010, upgrade to Apache HTTP Server version 1.3.42 or later.

What systems are affected by CVE-2010-0010?

CVE-2010-0010 affects Apache HTTP Server versions prior to 1.3.42 on 64-bit platforms.

What type of vulnerability is CVE-2010-0010?

CVE-2010-0010 is an integer overflow vulnerability in the Apache HTTP Server's mod_proxy module.

Can CVE-2010-0010 lead to remote code execution?

Yes, CVE-2010-0010 can potentially allow an attacker to execute arbitrary code through specially crafted requests.

Vulnerability/
CVE-2010-0010

medium

6.8

CWE

189 119 190

2/2/2010

7/8/2024

CVE-2010-0010: Buffer Overflow

First published: Tue Feb 02 2010(Updated: )

Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Apache Http Server	=1.3.38
Apache Http Server	=1.3.23
Apache Http Server	=1.3.27
Apache Http Server	=1.3.10
Apache Http Server	=1.0.5
Apache Http Server	=0.8.11
Apache Http Server	=1.3.33
Apache Http Server	=1.3.36
Apache Http Server	=1.3.1
Apache Http Server	=1.3.25
Apache Http Server	=1.3.28
Apache Http Server	=1.3.19
Apache Http Server	=1.3.40
Apache Http Server	=1.3.31
Apache Http Server	=1.3.24
Apache Http Server	=1.3.20
Apache Http Server	=1.3.35
Apache Http Server	=1.1
Apache Http Server	=1.3.2
Apache Http Server	=1.3.34
Apache Http Server	=1.3.4
Apache Http Server	=1.2.5
Apache Http Server	=1.3.13
Apache Http Server	=1.0
Apache Http Server	=1.2.4
Apache Http Server	=1.3.39
Apache Http Server	=1.3.30
Apache Http Server	=1.3.18
Apache Http Server	=1.0.3
Apache Http Server	=1.3.0
Apache Http Server	=1.3
Apache Http Server	=1.3.12
Apache Http Server	=1.3.3
Apache Http Server	=1.3.17
Apache Http Server	=0.8.14
Apache Http Server	=1.3.26
Apache Http Server	<=1.3.41
Apache Http Server	=1.3.32
Apache Http Server	=1.3.15
Apache Http Server	=1.3.14
Apache Http Server	=1.3.29
Apache Http Server	=1.3.22
Apache Http Server	=1.3.37
Apache Http Server	=1.3.11
Apache Http Server	=1.2.6
Apache Http Server	=1.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0010?
CVE-2010-0010 is categorized as a moderate-severity vulnerability due to its potential to cause a denial of service and possibly allow remote code execution.
How do I fix CVE-2010-0010?
To fix CVE-2010-0010, upgrade to Apache HTTP Server version 1.3.42 or later.
What systems are affected by CVE-2010-0010?
CVE-2010-0010 affects Apache HTTP Server versions prior to 1.3.42 on 64-bit platforms.
What type of vulnerability is CVE-2010-0010?
CVE-2010-0010 is an integer overflow vulnerability in the Apache HTTP Server's mod_proxy module.
Can CVE-2010-0010 lead to remote code execution?
Yes, CVE-2010-0010 can potentially allow an attacker to execute arbitrary code through specially crafted requests.

agent/author
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/description
agent/first-publish-date
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
collector/nvd-api
agent/softwarecombine
agent/tags
agent/source
vendor/apache
canonical/apache http server
version/apache http server/1.3.41
version/apache http server/0.8.11
version/apache http server/0.8.14
version/apache http server/1.0
version/apache http server/1.0.3
version/apache http server/1.0.5
version/apache http server/1.1
version/apache http server/1.2
version/apache http server/1.2.4
version/apache http server/1.2.5
version/apache http server/1.2.6
version/apache http server/1.3
version/apache http server/1.3.0
version/apache http server/1.3.1
version/apache http server/1.3.2
version/apache http server/1.3.3
version/apache http server/1.3.4
version/apache http server/1.3.10
version/apache http server/1.3.11
version/apache http server/1.3.12
version/apache http server/1.3.13
version/apache http server/1.3.14
version/apache http server/1.3.15
version/apache http server/1.3.17
version/apache http server/1.3.18
version/apache http server/1.3.19
version/apache http server/1.3.20
version/apache http server/1.3.22
version/apache http server/1.3.23
version/apache http server/1.3.24
version/apache http server/1.3.25
version/apache http server/1.3.26
version/apache http server/1.3.27
version/apache http server/1.3.28
version/apache http server/1.3.29
version/apache http server/1.3.30
version/apache http server/1.3.31
version/apache http server/1.3.32
version/apache http server/1.3.33
version/apache http server/1.3.34
version/apache http server/1.3.35
version/apache http server/1.3.36
version/apache http server/1.3.37
version/apache http server/1.3.38
version/apache http server/1.3.39
version/apache http server/1.3.40