Vulnerability Description
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Traffic Server | 5.3.0 |
Related Weaknesses (CWE)
References
- http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR3
- http://www.securityfocus.com/bid/101631Third Party AdvisoryVDB Entry
- https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-Issue TrackingThird Party Advisory
- http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR3
- http://www.securityfocus.com/bid/101631Third Party AdvisoryVDB Entry
- https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-Issue TrackingThird Party Advisory
FAQ
What is CVE-2015-3249?
CVE-2015-3249 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary c...
How severe is CVE-2015-3249?
CVE-2015-3249 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2015-3249?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Traffic Server.