CVE-2010-1623

EPSS 28.3%

apr-util - denial of service

Published: 10/4/2010Modified: 4/28/2026

Description

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.

Affected packages (3)

Debian/apache2from 0, < 2.2.16-3
Debian/apr-utilfrom 0, < 1.3.9+dfsg-4
Debian/apr-utilfrom 0, < 1.2.12+dfsg-8+lenny5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-1623