|
|
CVE Reference: CVE-2007-4337 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4337 |
|
|
Description: Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124. |
|
|
CVE Status: Candidate |
|
|
References: ST 1018553 SAID Secunia Advisory: SA33061 Secunia Advisory: SA26406 Secunia Advisory: SA26814 Secunia Advisory: SA33052 OSVDB 39533 GENTOO http://security.gentoo.org/glsa/glsa-200709-03.xml DEBIAN http://www.debian.org/security/2008/dsa-1683 CONFIRM http://sourceforge.net/project/shownotes.php?group_id=6172&release_id=531738 http://streamripper.cvs.sourceforge.net/streamripper/sripper_1x/lib/http.c?r1=1.38&r2=1.39 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/476302/100/0/threaded BID 25278 |
|
| Return to the previous page. |
