CVE-2004-0493
EPSS 90.5%
Description
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
How to fix CVE-2004-0493
To remediate CVE-2004-0493, upgrade the affected package to a fixed version below.
- Debian/apache2—upgrade to 2.0.50-1 or later
Is CVE-2004-0493 being exploited?
Likely — EPSS is 90.5%, placing CVE-2004-0493 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- from 0, < 2.0.50-1