Описание
Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path.
Ссылки
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 1.2 (включая) до 1.5 (исключая)
Одно из
cpe:2.3:a:mathopd:mathopd:*:*:*:*:*:*:*:*
cpe:2.3:a:mathopd:mathopd:1.5:-:*:*:*:*:*:*
cpe:2.3:a:mathopd:mathopd:1.5:beta13:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12374
Средний
7.5 High
CVSS2
Дефекты
CWE-120
Связанные уязвимости
debian
больше 21 года назад
Buffer overflow in the prepare_reply function in request.c for Mathopd ...
github
больше 3 лет назад
Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path.
EPSS
Процентиль: 94%
0.12374
Средний
7.5 High
CVSS2
Дефекты
CWE-120