mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-06-10T17:00:00
Updated: 2024-08-06T15:20:37.197Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-1862
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-06-10T17:55:01.527
Modified: 2024-11-21T01:50:32.763
Link: CVE-2013-1862
Redhat