CVE-2004-0493

medium Apache
CVSS v3 Base Score
6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P
EPSS Score
90.5%
Exploitation probability in 30 days
Top 0% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
P
Published: August 6, 2004 (7951 days ago)
Last Modified: April 16, 2026
Vendor: Apache
Source: NVD

Description

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.

CWE

NVD-CWE-Other

Affected Products

avaya converged communications servergentoo linuxtrustix secure linuxapache http serveribm http serveravaya s8300avaya s8500avaya s8700

References

🔗 lists.grok.org.uk 🔗 marc.info 🔗 marc.info 🔗 security.gentoo.org 🔗 www.apacheweek.com