Integer Overflow and Heap-Based Buffer Overflow in mod_dav_svn in Apache Subversion

Integer Overflow and Heap-Based Buffer Overflow in mod_dav_svn in Apache Subversion

CVE-2015-5343 · HIGH Severity

AV:N/AC:L/AU:S/C:P/I:P/A:C

Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.

Learn more about our Cis Benchmark Audit For Apache Http Server.