The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
Medium
Date | CVE | Title | CVSS |
---|---|---|---|
2008-01-08 | CVE-2007-6421 | Cross-Site Scripting (XSS) vulnerability in Apache HTTP Server | 3.5 |
2008-01-08 | CVE-2007-6388 | Cross-Site Scripting (XSS) vulnerability in Apache HTTP Server | 4.3 |