CVE-2010-3872

HIGH7.5EPSS 0.94%

libapache2-mod-fcgid - stack overflow

Published: 11/22/2010Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-3872

Description

A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash.

Affected packages (2)

Debian/libapache2-mod-fcgidfrom 0, < 1:2.3.6-1
Debian/libapache2-mod-fcgidfrom 0, < 1:2.2-1+lenny1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3872