Candidate: CVE-2009-1903
PublicDate: 2009-06-03 17:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1903
Description:
 The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote
 attackers to cause a denial of service (Apache httpd crash) via a request
 for a PDF file that does not use the GET method.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libapache-mod-security:
 upstream: http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/pdf_protect.c?r1=1258&r2=1257&pathrev=1258
upstream_libapache-mod-security: released (2.5.9-1)
dapper_libapache-mod-security: not-affected (code not present)
hardy_libapache-mod-security: DNE
intrepid_libapache-mod-security: DNE
jaunty_libapache-mod-security: ignored (reached end-of-life)
karmic_libapache-mod-security: not-affected (2.5.9-1)
lucid_libapache-mod-security: not-affected (2.5.9-1)
maverick_libapache-mod-security: not-affected (2.5.9-1)
devel_libapache-mod-security: not-affected (2.5.9-1)