Search for vulnerabilities
Vulnerability details: VCID-a5d5-k9b3-pfbm
Vulnerability ID VCID-a5d5-k9b3-pfbm
Aliases CVE-2011-3607
Summary An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.
Status Published
Exploitability 2.0
Weighted Severity 2.1
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
epss 0.00346 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00346 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00346 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2011-3607
apache_httpd low https://httpd.apache.org/security/json/CVE-2011-3607.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
https://api.first.org/data/v1/epss?cve=CVE-2011-3607
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
769844 https://bugzilla.redhat.com/show_bug.cgi?id=769844
CVE-2011-3607 https://httpd.apache.org/security/json/CVE-2011-3607.json
CVE-2011-4415;CVE-2011-3607 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
CVE-2011-4415;CVE-2011-3607 Exploit http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
RHSA-2012:0128 https://access.redhat.com/errata/RHSA-2012:0128
RHSA-2012:0323 https://access.redhat.com/errata/RHSA-2012:0323
RHSA-2012:0542 https://access.redhat.com/errata/RHSA-2012:0542
RHSA-2012:0543 https://access.redhat.com/errata/RHSA-2012:0543
USN-1368-1 https://usn.ubuntu.com/1368-1/
Data source Exploit-DB
Date added March 29, 2017
Description Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow
Ransomware campaign use Unknown
Source publication date Nov. 2, 2011
Exploit type dos
Platform linux
Source update date March 29, 2017
Source URL http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
Exploit Prediction Scoring System (EPSS)
Percentile 0.56665
EPSS Score 0.00346
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:55.010576+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2011-3607.json 37.0.0