CVE-2010-3190

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2010-3190 is a vulnerability in the way that certain versions of Apache HTTP Server handle multiple overlapping ranges of bytes in an HTTP request. When exploited, an attacker could potentially cause a denial of service by consuming excessive resources on the server. The vulnerability was given a CVSS score of 7.8 out of 10, indicating a high severity level. The vulnerability was discovered and reported by security researcher Kingcope in August 2010. Apache released a patch to address the issue soon after it was reported. However, a few weeks later, a public exploit was published which allowed attackers to easily exploit the vulnerability. This led to a surge in attacks targeting servers running vulnerable versions of Apache HTTP Server. In response, various security vendors and organizations issued alerts and recommendations to help mitigate the risk posed by CVE-2010-3190. System administrators were advised to update their Apache installations to the latest version, or to apply the relevant patch if an upgrade was not feasible. Additionally, some suggested configuring web application firewalls to block requests that exploit the vulnerability. By taking these measures, organizations could reduce the likelihood of falling victim to an attack that exploits this particular vulnerability.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2010-3190 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards