CVE-2007-3847
EPSS 23.3%
Description
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
How to fix CVE-2007-3847
To remediate CVE-2007-3847, upgrade the affected package to a fixed version below.
- Debian/apache2—upgrade to 2.2.6-1 or later
Is CVE-2007-3847 being exploited?
Moderate — EPSS is 23.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.2.6-1