CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3523

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.352

EPSS Ranking 96.9%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-3523

Apache » Http Server » Version: 2.4.1

cpe:2.3:a:apache:http_server:2.4.1
Apache » Http Server » Version: 2.4.2

cpe:2.3:a:apache:http_server:2.4.2
Apache » Http Server » Version: 2.4.3

cpe:2.3:a:apache:http_server:2.4.3
Apache » Http Server » Version: 2.4.4

cpe:2.3:a:apache:http_server:2.4.4
Apache » Http Server » Version: 2.4.6

cpe:2.3:a:apache:http_server:2.4.6
Apache » Http Server » Version: 2.4.7

cpe:2.3:a:apache:http_server:2.4.7
Apache » Http Server » Version: 2.4.8

cpe:2.3:a:apache:http_server:2.4.8
Apache » Http Server » Version: 2.4.9

cpe:2.3:a:apache:http_server:2.4.9
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-
Microsoft » Windows » Version: 1.0

cpe:2.3:o:microsoft:windows:1.0
Microsoft » Windows » Version: 2.0

cpe:2.3:o:microsoft:windows:2.0
Microsoft » Windows » Version: 2000

cpe:2.3:o:microsoft:windows:2000
Microsoft » Windows » Version: 3.0

cpe:2.3:o:microsoft:windows:3.0
Microsoft » Windows » Version: 3.1

cpe:2.3:o:microsoft:windows:3.1
Microsoft » Windows » Version: 3.11

cpe:2.3:o:microsoft:windows:3.11
Microsoft » Windows » Version: server_2008

cpe:2.3:o:microsoft:windows:server_2008
Microsoft » Windows » Version: vista

cpe:2.3:o:microsoft:windows:vista

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3523

Products

Pricing

Contact Us