CVE-2003-0899

2003-11-03T05:00:00
ID CVE-2003-0899
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:29:00

Description

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<" and ">" sequences. This vulnerability is addressed in the following product release: Acme Labs, thttpd, 2.24