NULL pointer dereference vulnerability in mod_dav_svn in Apache Subversion before 1.7.19 and 1.8.x before 1.8.11

NULL pointer dereference vulnerability in mod_dav_svn in Apache Subversion before 1.7.19 and 1.8.x before 1.8.11

CVE-2014-8108 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.

Learn more about our Cis Benchmark Audit For Apache Http Server.