Automated analysis has detected that the following third-party packages have had vulnerabilities publicly reported.
NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.
Package Name: apache-win32
Package Version: [cpe:/a:apache:http_server:2.2.25]
Advisory: CVE-2009-3095
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2009-3095
CVSS severity score: 7.5/10.0
Confidence: high
Description:
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
Advisory: CVE-2011-1752
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2011-1752
CVSS severity score: 5/10.0
Confidence: high
Description:
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
Advisory: CVE-2011-1783
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2011-1783
CVSS severity score: 4.3/10.0
Confidence: high
Description:
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
Comment 1 by palmer@chromium.org, Sep 20 2017
Components: Infra
Status: WontFix (was: Unconfirmed)