CVE-2003-0789

critical

Apache

CVSS v3 Base Score

10.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

8.2%

Exploitation probability in 30 days

Top 8% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: November 3, 2003 (8228 days ago)

Last Modified: April 16, 2026

Vendor: Apache

Source: NVD

Description

mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.

CWE

NVD-CWE-noinfo

Affected Products

apache http server

References

🔗 apache.secsup.org 🔗 distro.conectiva.com.br 🔗 docs.info.apple.com 🔗 lists.apple.com 🔗 lists.apple.com

CVE-2003-0789

Vulnerability Report

Description

CWE

Affected Products

References