High severity7.8NVD Advisory· Published Oct 20, 2004· Updated Apr 16, 2026
CVE-2004-0747
CVE-2004-0747
Description
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
26- lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3EnvdMailing ListPatch
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.gentoo.org/security/en/glsa/glsa-200409-21.xmlnvdThird Party Advisory
- www.kb.cert.org/vuls/id/481998nvdThird Party AdvisoryUS Government Resource
- www.redhat.com/support/errata/RHSA-2004-463.htmlnvdBroken LinkThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/17384nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561nvdBroken LinkThird Party Advisory
- secunia.com/advisories/12540nvdBroken LinkNot Applicable
- secunia.com/advisories/34920nvdBroken LinkNot Applicable
- support.ca.com/irj/portal/anonymous/phpsupcontentnvdBroken Link
- www.mandrakesecure.net/en/advisories/advisory.phpnvdBroken Link
- www.novell.com/linux/security/advisories/2004_32_apache2.htmlnvdBroken Link
- www.trustix.org/errata/2004/0047/nvdBroken Link
- www.vupen.com/english/advisories/2009/1233nvdBroken LinkPermissions Required
News mentions
0No linked articles in our index yet.