CVE-2009-1903

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.

Date published : 2009-06-03

http://www.securityfocus.com/bid/34096

http://sourceforge.net/project/shownotes.php?release_id=667538