VYPR
Unrated severityNVD Advisory· Published Jan 28, 2012· Updated Jun 16, 2026

CVE-2012-0021

CVE-2012-0021

Description

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14

Patches

Vulnerability mechanics

References

28

News mentions

0

No linked articles in our index yet.