Home CVE Database CVE-2015-3183

CVE-2015-3183

Description

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.

Priority: Medium
CVSS v3: 0.0
Publish Date: Jul 20, 2015
Related ID: --
CVSS v2: 5.0
Modified Date: Jul 21, 2015

Find out more about CVE-2015-3183 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Not Vulnerable -- -- --
Wind River Linux 9 Not Vulnerable -- -- --
Wind River Linux 8 Fixed -- 8.0.0.0 --
Wind River Linux LTS 18 Not Vulnerable -- -- --
Wind River Linux LTS 19 Not Vulnerable -- -- --
Wind River Linux CD release Not Vulnerable -- -- --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

apache

Live chat
Online