Описание
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.8 (включая)
cpe:2.3:a:pablosoftwaresolutions:quick_\'n_easy_web_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02534
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-415
Связанные уязвимости
github
больше 3 лет назад
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.
EPSS
Процентиль: 85%
0.02534
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-415