FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2012-0031

This CVE name corresponds to:

Entered Topic
2012-01-31 apache -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2012-0031 at cve.mitre.org

Details

Type Candidate
Name CVE-2012-0031
Phase Assigned(20111207)

Description

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.

References

Source Reference
MISC http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
CONFIRM http://svn.apache.org/viewvc?view=revision&revision=1230065
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=773744
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
CONFIRM http://support.apple.com/kb/HT5501
APPLE APPLE-SA-2012-09-19-2
HP HPSBMU02786
HP SSRT100877
HP HPSBOV02822
HP SSRT100966
MANDRIVA MDVSA-2013:150
REDHAT RHSA-2012:0128
SUSE openSUSE-SU-2012:0314
BID 51407
SECUNIA 47410
SECUNIA 48551

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.