CVE-2007-6422
EPSS 5.6%
Description
The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
How to fix CVE-2007-6422
To remediate CVE-2007-6422, upgrade the affected package to a fixed version below.
- Debian/apache2—upgrade to 2.2.8-1 or later
Is CVE-2007-6422 being exploited?
Moderate — EPSS is 5.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.2.8-1