CVE-2010-1623

Description

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.

Software From Fixed in
apache / http_server 2.0.35 2.0.64
apache / http_server 2.2.0 2.2.17
apache / apr-util - 1.3.9.x
apache / apr-util 0.9.1 0.9.1.x
apache / apr-util 0.9.10 0.9.10.x
apache / apr-util 0.9.11 0.9.11.x
apache / apr-util 0.9.12 0.9.12.x
apache / apr-util 0.9.13 0.9.13.x
apache / apr-util 0.9.14 0.9.14.x
apache / apr-util 0.9.15 0.9.15.x
apache / apr-util 0.9.16 0.9.16.x
apache / apr-util 0.9.17 0.9.17.x
apache / apr-util 0.9.18 0.9.18.x
apache / apr-util 0.9.2 0.9.2.x
apache / apr-util 0.9.3 0.9.3.x
apache / apr-util 0.9.4 0.9.4.x
apache / apr-util 0.9.5 0.9.5.x
apache / apr-util 0.9.6 0.9.6.x
apache / apr-util 0.9.7 0.9.7.x
apache / apr-util 0.9.8 0.9.8.x
apache / apr-util 0.9.9 0.9.9.x
apache / apr-util 1.0 1.0.x
apache / apr-util 1.0.1 1.0.1.x
apache / apr-util 1.0.2 1.0.2.x
apache / apr-util 1.1.0 1.1.0.x
apache / apr-util 1.1.1 1.1.1.x
apache / apr-util 1.1.2 1.1.2.x
apache / apr-util 1.2.1 1.2.1.x
apache / apr-util 1.2.10 1.2.10.x
apache / apr-util 1.2.12 1.2.12.x
apache / apr-util 1.2.13 1.2.13.x
apache / apr-util 1.2.2 1.2.2.x
apache / apr-util 1.2.6 1.2.6.x
apache / apr-util 1.2.7 1.2.7.x
apache / apr-util 1.2.8 1.2.8.x
apache / apr-util 1.2.9 1.2.9.x
apache / apr-util 1.3.0 1.3.0.x
apache / apr-util 1.3.1 1.3.1.x
apache / apr-util 1.3.2 1.3.2.x
apache / apr-util 1.3.3 1.3.3.x
apache / apr-util 1.3.4 1.3.4.x
apache / apr-util 1.3.5 1.3.5.x
apache / apr-util 1.3.6 1.3.6.x
apache / apr-util 1.3.7 1.3.7.x
apache / apr-util 1.3.8 1.3.8.x