Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2010-1623

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10 as used in the mod_reqtimeout module in the Apache HTTP Server and other software allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.