UBUNTU-CVE-2013-4352

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2013-4352

Published: 20 Jul 2014, 11:12

Last modified:16 Jul 2025, 08:10

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

20 Jul 2014, 11:12

Published

Vulnerability first disclosed

16 Jul 2025, 08:10

Last Modified

Vulnerability information updated

Description

The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.

Affected Systems

ubuntu•apache2
< 2.4.7-1ubuntu4

References (3)

https://ubuntu.com/security/CVE-2013-4352
http://httpd.apache.org/security/vulnerabilities_24.html
https://www.cve.org/CVERecord?id=CVE-2013-4352