March 05, 2010

Serious vulnerabilities in Apache

At worst, they may give full access to the system the web server runs on.
The Apache Software Foundation is preparing a security update to its HTTP Server 2.2.x that eliminates three vulnerabilities.

The most serious of the vulnerabilities is caused by the mod_isapi module unloading ISAPI modules before the processing of requests is completed, which could potentially leave "orphaned" callback pointers behind. This can be exploited by sending a specially crafted request, followed by a reset packet. On Windows-based systems, this can allow execution of arbitrary code with SYSTEM privileges.

The two other vulnerabilities allow, respectively, a denial-of-service (DoS) attack and the disclosure of sensitive information.

More details about the vulnerabilities can be found on this page.

The vulnerabilities will be fixed in version 2.2.15 of Apache HTTP Server.
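
For administrators who want to triage their own servers, here is an added example (not part of the original post and not Apache's own code) that classifies a host from its `httpd -v` banner and its configuration text. It assumes every 2.2.x release before 2.2.15 is unpatched and that the platform tag in the banner is accurate; the function names and the sample inputs are constructed for illustration.

```python
import re

FIXED = (2, 2, 15)  # first fixed release, per the post

# Banner as printed by `httpd -v` or sent in the Server response header.
BANNER_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)(?:\s*\(([^)]*)\))?")
# An active (uncommented) LoadModule line for mod_isapi.
ISAPI_RE = re.compile(r"^[ \t]*LoadModule[ \t]+isapi_module[ \t]+\S+", re.I | re.M)


def parse_banner(banner):
    """Return ((major, minor, patch), platform) or None if no Apache banner."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    return tuple(int(x) for x in m.group(1, 2, 3)), (m.group(4) or "")


def isapi_loaded(conf_text):
    """True if the config has an uncommented LoadModule for isapi_module."""
    return bool(ISAPI_RE.search(conf_text))


def assess(banner, conf_text):
    """Classify exposure to the three issues described in the post."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown"
    version, platform = parsed
    if version[:2] != (2, 2):
        return "out-of-scope"   # the post only covers the 2.2.x branch
    if version >= FIXED:
        return "fixed"
    # Code execution as SYSTEM needs Windows and mod_isapi loaded.
    if "win" in platform.lower() and isapi_loaded(conf_text):
        return "update-urgent"
    return "update"             # DoS and information disclosure still apply


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real server.
    sample_banner = "Server version: Apache/2.2.14 (Win32)"
    sample_conf = (
        "#LoadModule info_module modules/mod_info.so\n"
        "LoadModule isapi_module modules/mod_isapi.so\n"
    )
    print(assess(sample_banner, sample_conf))
```

If the ISAPI module is not needed, commenting out its `LoadModule` line removes the code-execution path until the update is installed; the other two issues still require the upgrade.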
