Unrated severityNVD Advisory· Published Mar 5, 2010· Updated Jun 16, 2026
CVE-2010-0425
CVE-2010-0425
Description
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- Range: >=2.0.37 <=2.0.63 || >=2.2.0 <=2.2.14 || >=2.3.0 <2.3.7
- osv-coords8 versionspkg:rpm/opensuse/apache2&distro=openSUSE%20Tumbleweedpkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/apache2&distro=SUSE%20Studio%20Onsite%201.3
< 2.4.23-4.1+ 7 more
- (no CPE)range: < 2.4.23-4.1
- (no CPE)range: < 2.2.34-70.12.1
- (no CPE)range: < 2.2.34-70.12.1
- (no CPE)range: < 2.2.34-70.12.1
- (no CPE)range: < 2.2.34-70.12.1
- (no CPE)range: < 2.2.34-70.12.1
- (no CPE)range: < 2.2.34-70.12.1
- (no CPE)range: < 2.2.34-70.12.1
Patches
Vulnerability mechanics
References
42- www.securityfocus.com/bid/38494nvdBroken LinkExploit
- httpd.apache.org/security/vulnerabilities_20.htmlnvdVendor Advisory
- httpd.apache.org/security/vulnerabilities_22.htmlnvdVendor Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdThird Party Advisory
- www.kb.cert.org/vuls/id/280613nvdThird Party AdvisoryUS Government Resource
- www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.htmlnvdThird Party Advisory
- www.senseofsecurity.com.au/advisories/SOS-10-002nvdThird Party AdvisoryURL Repurposed
- www.vmware.com/security/advisories/VMSA-2010-0014.htmlnvdThird Party Advisory
- www.vupen.com/english/advisories/2010/0634nvdBroken LinkVendor Advisory
- www.vupen.com/english/advisories/2010/0994nvdBroken LinkIssue TrackingMailing ListVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/56624nvdThird Party Advisory
- www.exploit-db.com/exploits/11650nvdThird Party Advisory
- lists.vmware.com/pipermail/security-announce/2010/000105.htmlnvdBroken Link
- secunia.com/advisories/38978nvdBroken Link
- secunia.com/advisories/39628nvdBroken Link
- svn.apache.org/viewvc/httpd/httpd/trunk/CHANGESnvdPermissions Required
- svn.apache.org/viewvc/httpd/httpd/trunk/modules/arch/win32/mod_isapi.cnvdPermissions Required
- svn.apache.org/viewvcnvdPermissions Required
- www.securitytracker.com/idnvdBroken Link
- lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3EnvdIssue TrackingMailing List
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8439nvdBroken Link
News mentions
0No linked articles in our index yet.