Search for vulnerabilities
Vulnerability details: VCID-npw5-3hh9-r7fh
Vulnerability ID VCID-npw5-3hh9-r7fh
Aliases CVE-2005-3357
Summary A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the worker MPM.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.26603 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.26603 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.26603 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
epss 0.41908 https://api.first.org/data/v1/epss?cve=CVE-2005-3357
apache_httpd low https://httpd.apache.org/security/json/CVE-2005-3357.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json
https://api.first.org/data/v1/epss?cve=CVE-2005-3357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357
1617818 https://bugzilla.redhat.com/show_bug.cgi?id=1617818
351246 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246
CVE-2005-3357 https://httpd.apache.org/security/json/CVE-2005-3357.json
RHSA-2006:0159 https://access.redhat.com/errata/RHSA-2006:0159
USN-241-1 https://usn.ubuntu.com/241-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.96166
EPSS Score 0.26603
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:44.168471+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2005-3357.json 37.0.0