High severity7.5NVD Advisory· Published Nov 22, 2010· Updated Jun 16, 2026
CVE-2010-3872
CVE-2010-3872
Description
A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:apache:mod_fcgid:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:apache:mod_fcgid:*:*:*:*:*:*:*:*range: <=2.3.5
- cpe:2.3:a:apache:mod_fcgid:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:mod_fcgid:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:mod_fcgid:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:mod_fcgid:2.3.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
20- issues.apache.org/bugzilla/show_bug.cginvdPatch
- secunia.com/advisories/42288nvdVendor Advisory
- secunia.com/advisories/42302nvdVendor Advisory
- www.vupen.com/english/advisories/2010/2997nvdVendor Advisory
- www.vupen.com/english/advisories/2010/2998nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2010-November/050930.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-November/050932.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-November/050976.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-08/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-08/msg00005.htmlnvd
- osvdb.org/69275nvd
- secunia.com/advisories/42815nvd
- www.debian.org/security/2010/dsa-2140nvd
- www.gossamer-threads.com/lists/apache/announce/391406nvd
- www.securityfocus.com/bid/44900nvd
- www.vupen.com/english/advisories/2011/0031nvd
- access.redhat.com/security/cve/CVE-2010-3872nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/63303nvd
- github.com/apache/httpd-mod_fcgid/commit/b1afa70840b4ab4e6fbc12ac8798b2f3ccc336b2nvd
News mentions
0No linked articles in our index yet.