Description
mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions.
Remediation
References
Related Vulnerabilities
WordPress Plugin AB Google Map Travel (AB-MAP) Multiple Vulnerabilities (3.4)
PostgreSQL CVE-2017-7547 Vulnerability (CVE-2017-7547)
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613)
WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.1)
IBM RTC Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0748)