Description
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.
Remediation
References
Related Vulnerabilities
WordPress Denial of Service Vulnerability (3.5 - 3.6.1)
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3)
WordPress Plugin WordPress Mobile Pack Information Disclosure (2.1.2)
WordPress Plugin IMDb Profile Widget Local File Inclusion (1.0.8)
WordPress Plugin OMGF-Host Google Fonts Locally Multiple Vulnerabilities (4.5.3)