[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96125

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-4337

Date: (C)2007-08-14   (M)2015-12-16
 
CVSS Score: 5.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 4.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: NONE











Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124.

Reference:
SECTRACK-1018553
http://www.securityfocus.com/archive/1/archive/1/476302/100/0/threaded
BID-25278
SECUNIA-26406
SECUNIA-26814
SECUNIA-33052
SECUNIA-33061
OSVDB-39533
ADV-2007-2858
DSA-1683
GLSA-200709-03
http://sourceforge.net/project/shownotes.php?group_id=6172&release_id=531738
http://streamripper.cvs.sourceforge.net/streamripper/sripper_1x/lib/http.c?r1=1.38&r2=1.39

CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:8216

© 2013 SecPod Technologies