CVE-2017-7668 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Information disclosure
Description	An out-of-bounds read has been found in Apache httpd < 2.4.26. The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-316	apache	2.4.25-3	2.4.26-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
28 Jun 2017	ASA-201706-34	AVG-316	apache	High	multiple issues

References
https://httpd.apache.org/security/vulnerabilities_24.html