In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2019-04-08T21:31:09
Updated: 2021-06-06T10:11:34
Reserved: 2018-11-14T00:00:00
Link: CVE-2019-0211
JSON object: View
NVD Information
Status : Modified
Published: 2019-04-08T22:29:00.387
Modified: 2023-11-07T03:01:50.343
Link: CVE-2019-0211
JSON object: View
Redhat Information
No data.
CWE