VYPR
High severity7.8NVD Advisory· Published Feb 9, 2005· Updated Jun 16, 2026

CVE-2004-0940

CVE-2004-0940

Description

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
    Range: >=1.3,<=1.3.32
  • OpenPKG/Openpkg3 versions
    cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*
  • Microfocus/Hpux4 versions
    cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
    • cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
    • cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
    • cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
  • Slackware/Linux6 versions
    cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*
    • cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*
    • cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*
    • cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*
  • SUSE S.A./Linux6 versions
    cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • Apache/Apachellm-fuzzy
    Range: <=1.3.32

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.