|
|
CVE Reference: CVE-2007-3009 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3009 |
|
|
Description: Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when the build supports logging but the configuration disables logging, allows remote attackers to cause a denial of service (daemon crash) via format string specifiers in the HTTP scheme, as demonstrated by a "GET %n://localhost:80/" request. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA25641 OSVDB 35510 MISC http://www.appwebserver.org/forum/viewtopic.php?t=969 BID 24454 |
|
| Return to the previous page. |
