CVE-2007-0157 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-0157
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0157

Description: Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.

CVE Status: Candidate

References: SUSE http://www.novell.com/linux/security/advisories/2007_02_sr.html SAID Secunia Advisory: SA23763 Secunia Advisory: SA23751 Secunia Advisory: SA23984 OSVDB 39247 MLIST http://mailman.webdav.org/pipermail/cadaver/2007-January/001015.html http://mailman.webdav.org/pipermail/neon/2007-January/002362.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:013 CONFIRM http://www.webdav.org/cadaver/ http://bugs.debian.org/cgi-bin/bugreport.cgi/neon26_0.26.2-3_to_mdx1.diff?bug=404723;msg=5;att=2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723 BID 22035

Return to the previous page.