Apache HTTP Server Early Pushes Memory Corruption Vulnerability
A vulnerability in the mod_http2 module of the Apache HTTP Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to a memory corruption condition that could occur on very early pushing by the affected software. An attacker could exploit this vulnerability to overwrite memory in the pushing request pool. A successful exploit could cause the affected software to crash, resulting in a DoS condition.
Apache has confirmed the vulnerability and released software updates.
Security Impact Rating: High