Home

CVE-2017-7659

Description

A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
38.383

Associated Vulnerability

VulnerabilityOS Platform
Update Apache to version 2.4.26Windows
Vulnerabilities CVE-2017-7659 are fixed in Apache 2.4.2Windows
Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.2.3Windows
Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0Windows
Multiple vulnerabilities are fixed in macOS High Sierra 10.13.1Mac
Multiple vulnerabilities are fixed in Security Update 2017-001 macOS High Sierra v10.13.1Mac
apache2 security update(DSA-3896-1) apache2_2.4.10-10+deb8u9_kfreebsd-i386.debLinux
apache2 security update(DSA-3896-1) apache2_2.4.10-10+deb8u9_kfreebsd-amd64.debLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-debuginfo-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-debugsource-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-doc-2.4.23-29.13.1.noarch.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-example-pages-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-prefork-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-prefork-debuginfo-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-utils-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-utils-debuginfo-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-worker-2.4.23-29.13.1.x86_64.rpmLinux
SUSE-SU-2018:0261-1(SUSE Linux Enterprise Server 12-SP2 ) apache2-worker-debuginfo-2.4.23-29.13.1.x86_64.rpmLinux
Update Apache to version 2.4.26 (For Linux)Linux
NULL Pointer Dereference Vulnerability (CVE-2017-7659)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-601562macOS High Sierra 10.13.6 - Reboot Automatically
PATCH-601312Security Update 2017-001 macOS High Sierra v10.13.1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234