Apache · Apache Http Server · CVE-2010-0434
**Name of the Vulnerable Software and Affected Versions**
Apache HTTP Server versions 2.2.x before 2.2.15
**Description**
The issue is related to the `ap read request` function in the Apache HTTP Server, specifically when a multithreaded MPM is used. It does not properly handle headers in subrequests under certain circumstances, potentially allowing remote attackers to obtain sensitive information via a crafted request. This could trigger access to memory locations associated with an earlier request.
**Recommendations**
For Apache HTTP Server versions 2.2.x before 2.2.15, update to version 2.2.15 or later to resolve the issue.