ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a «string index out of range» error and worker-process crash for a «Cookie: =abc» header.
