HorrorCode writes:
SECUNIA ADVISORY ID: SA34256
VERIFY ADVISORY: http://secunia.com/advisories/34256/
DESCRIPTION: Two vulnerabilities have been reported in ModSecurity, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An error in the PDF XSS protection implementation can be exploited to cause a crash via a specially crafted HTTP request. Successful exploitation requires that PDF XSS protection is enabled (disabled by default).
2) An error when parsing multipart requests can be exploited to cause a crash via multipart content with a missing part header name.
SOLUTION: Update to version 2.5.9.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Steve Grubb, Red Hat
2) Internet Security Auditors
ORIGINAL ADVISORY:
http://www.modsecurity.org/
http://sourceforge.net/project/shownotes.php?release_id=667538
http://sourceforge.net/project/shownotes.php?release_id=667542
ModSecurity Two Denial of Service Vulnerabilities
Posted on Thursday, March 12, 2009 @ 17:09:00 CDT in Security
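As an added example (not ModSecurity's code; the advisory gives no detail of its parser), a defensive C routine for the malformed input named in item 2: a multipart part-header line whose header name is missing is rejected as a parse error instead of being assumed well-formed. The sample header blocks are constructed for the example.

```c
#include <ctype.h>
#include <string.h>

/* Constructed sample part-header blocks (not from the advisory). */
const char *const GOOD_PART =
    "Content-Disposition: form-data; name=\"upload\"\r\nContent-Type: text/plain\r\n\r\n";
const char *const NAMELESS_PART = ": form-data; name=\"upload\"\r\n\r\n";

/* Parse one "Name: value" line of a multipart part header (len excludes the
 * CRLF). Returns 0 and fills name/value, or -1 when there is no ':' or the
 * name before it is empty; code that skips this check and then compares or
 * copies a zero-length name is the kind that crashes on crafted input. */
static int parse_part_header(const char *line, size_t len,
                             char *name, size_t nlen, char *value, size_t vlen)
{
    const char *colon = memchr(line, ':', len);
    if (colon == NULL) return -1;                /* no "name:" at all */
    size_t n = (size_t)(colon - line);
    while (n > 0 && isspace((unsigned char)line[n - 1]))
        n--;                                     /* trim space before ':' */
    if (n == 0 || n >= nlen) return -1;          /* missing or oversized name */
    memcpy(name, line, n);
    name[n] = '\0';
    size_t vpos = (size_t)(colon - line) + 1;
    while (vpos < len && isspace((unsigned char)line[vpos]))
        vpos++;                                  /* skip space after ':' */
    if (len - vpos >= vlen) return -1;           /* value would not fit */
    memcpy(value, line + vpos, len - vpos);
    value[len - vpos] = '\0';
    return 0;
}

/* Walk the CRLF-separated header block of one part up to the empty line that
 * ends it. Returns the number of headers accepted, or -1 if the block is
 * unterminated or any line is malformed, so the caller rejects the request. */
int count_part_headers(const char *block)
{
    int count = 0;
    char name[64], value[256];
    for (const char *p = block;;) {
        const char *eol = strstr(p, "\r\n");
        if (eol == NULL) return -1;              /* unterminated header block */
        size_t len = (size_t)(eol - p);
        if (len == 0) return count;              /* blank line: end of headers */
        if (parse_part_header(p, len, name, sizeof name, value, sizeof value) != 0)
            return -1;                           /* malformed line: reject part */
        count++;
        p = eol + 2;
    }
}
```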