Buffer overflow in Gnu Libmicrohttpd
CVE-2013-7038
The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.
Vulnerability class: Buffer Overflow
EPSS: 0.018 (76.1th percentile) — read the EPSS interpretation.
Affected products
- Gnu Libmicrohttpd — versions 0.9.16, 0.9.17, 0.9.18
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (mailing-list, x_refsource_MLIST)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)