Vulnerability Description
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | All versions |
| Apache | Http Server | 2.2.6 |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/3479
- http://www.securityfocus.com/archive/1/485316/100/0/threaded
- http://www.securityfocus.com/bid/26939
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39158
- http://securityreason.com/securityalert/3479
- http://www.securityfocus.com/archive/1/485316/100/0/threaded
- http://www.securityfocus.com/bid/26939
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39158
FAQ
What is CVE-2007-6514?
CVE-2007-6514 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via ...
How severe is CVE-2007-6514?
CVE-2007-6514 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6514?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Apache Http Server.