Unrated severityNVD Advisory· Published Dec 9, 2019· Updated Aug 6, 2024

CVE-2014-0242

Description

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

Affected products

Modx/Mod Wsgiv5
Range: before 3.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.htmlmitrex_refsource_MISC
modwsgi.readthedocs.org/en/latest/release-notes/version-3.4.htmlmitrex_refsource_MISC
www.openwall.com/lists/oss-security/2014/05/21/1mitrex_refsource_MISC
www.securityfocus.com/bid/67534mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000