Search for vulnerabilities
Vulnerability details: VCID-v8ha-n4rz-8qb8
Vulnerability ID VCID-v8ha-n4rz-8qb8
Aliases CVE-2009-1195
Summary A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00128 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.00128 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.00128 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
epss 0.0031 https://api.first.org/data/v1/epss?cve=CVE-2009-1195
apache_httpd low https://httpd.apache.org/security/json/CVE-2009-1195.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json
https://api.first.org/data/v1/epss?cve=CVE-2009-1195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
489436 https://bugzilla.redhat.com/show_bug.cgi?id=489436
530834 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834
CVE-2009-1195 https://httpd.apache.org/security/json/CVE-2009-1195.json
RHSA-2009:1075 https://access.redhat.com/errata/RHSA-2009:1075
RHSA-2009:1155 https://access.redhat.com/errata/RHSA-2009:1155
RHSA-2009:1160 https://access.redhat.com/errata/RHSA-2009:1160
USN-787-1 https://usn.ubuntu.com/787-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.33234
EPSS Score 0.00128
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:49.357922+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2009-1195.json 37.0.0