[email protected]CVE-2006-5876

HistoryJan 16, 2007 - 7:28 p.m.

CVE-2006-5876

2007-01-1619:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5876

libsoup

denial of service

http library

nvd

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.149 Low

EPSS

Percentile

95.8%

JSON

The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values.

CPENameOperatorVersion
libsoup:libsouplibsoupeq2.2.98

CPE	Name	Operator	Version
libsoup:libsoup	libsoup	eq	2.2.98

References

fedoranews.org/cms/node/2509

ftp.gnome.org/pub/gnome/sources/libsoup/2.2/libsoup-2.2.99.news

osvdb.org/31667

secunia.com/advisories/23734

secunia.com/advisories/23770

secunia.com/advisories/23871

secunia.com/advisories/23873

secunia.com/advisories/23961

secunia.com/advisories/23976

www.debian.org/security/2007/dsa-1248

www.mandriva.com/security/advisories?name=MDKSA-2007:029

www.securityfocus.com/bid/22034

www.ubuntu.com/usn/usn-411-1

www.vupen.com/english/advisories/2007/0173

exchange.xforce.ibmcloud.com/vulnerabilities/31519

issues.rpath.com/browse/RPL-965

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.149 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2006-5876

openvas13 nessus8 ubuntucve1 osv1 securityvulns2 debian1 ubuntu1