CVE-2009-1191 would affect RHEL5.x?
Issue
- Confirmination of CVE-2009-1191 fix date by RHEL5.x.
-
The problem occurs in the environment to make Apache httpd and JBoss cooperate.
-
The problem that a different session was displayed in user's browser was occured.
- When user connected to IContSelect.html, but IScheDetail.html was displaied on the users browser.
- I confirmed a similar case in the Apache bug track.
- Bug 46949 - Apache httpd serves sometimes content from another thread https://issues.apache.org/bugzilla/show_bug.cgi?id=46949
Environment
- OS: Red Hat Enterprise Linux 5.2 x86_64
- HTTP Server: httpd-2.2.3-11.el5_1.3
- Application server: jboss-4.2.2 GA
- module: mod_proxy_ajp
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.