Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-0425

EPSS 86.82% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-0425

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache mod_isapi模块悬挂指针漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache HTTP Server是美国阿帕奇(Apache)软件基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 基于Windows平台的Apache HTTP Server 2.0.37至2.0.63版本,2.2.0至2.2.14版本,以及2.3.7之前2.3.x版本的mod_isapi中的modules/arch/win32/mod_isapi.c在ISAPI .dll模块调用isapi_unload之前不能确保请求处理已完成。远程攻击者借助与制作的请求,复位
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-0425

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-0425

登录查看更多情报信息。

Same Patch Batch · n/a · 2010-03-05 · 42 CVEs total

CVE-2010-0927IBM Lotus Domino readme.nsf页面远程跨站脚本漏洞
CVE-2009-4666Qualityunit Webradev Download Protect 多个PHP远程文件包含漏洞
CVE-2009-4667Phpmember WebMember 'form.php' SQL注入漏洞
CVE-2009-4668Cowon_America jetAudio 'JetCast.exe' 栈缓冲区溢出漏洞
CVE-2009-4669Beaussier RoomPHPlanning多个SQL注入漏洞
CVE-2009-4670Beaussier RoomPHPlanning 'admin/delitem.php' 授权问题漏洞
CVE-2009-4671Beaussier RoomPHPlanning 'Login.php' 授权问题漏洞
CVE-2009-4672WordPress 插件路径遍历漏洞
CVE-2009-4673Mole Group Adult Portal Script 'profile.php' SQL注入漏洞
CVE-2009-4674Mole Group 'admin/admin.php' 多个远程密码变更漏洞
CVE-2009-4675Mole Group Gastro Portal 'admin/admin_info/index.php' 远程更改密码漏洞
CVE-2009-4665Cutesoft_Components ASP.NET 'CuteSoft_Client/CuteEditor/Load.ashx' 目录遍历漏洞
CVE-2009-2753IBM Informix Dynamic Server ISM Portmapper服务librpc.dll库多个远程溢出漏洞
CVE-2009-2754IBM Informix Dynamic Server librpc.dll库远程栈溢出漏洞
CVE-2010-0408Apache mod_proxy_ajp模块入站请求体远程拒绝服务漏洞
CVE-2010-0419Linux kernel本地拒绝服务和权限提升漏洞
CVE-2010-0587Cisco Unified Communications Manager SCCP报文解析远程拒绝服务漏洞
CVE-2010-0588Cisco Unified Communications Manager SCCP报文解析远程拒绝服务漏洞
CVE-2010-0590Cisco Unified Communications Manager CMSIPUtility组件远程拒绝服务漏洞
CVE-2010-0591Cisco SIP报文解析远程拒绝服务漏洞

Showing top 20 of 42 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-0425

No comments yet

Leave a comment