Lucene search

K
cve[email protected]CVE-2007-3950
HistoryJul 24, 2007 - 12:30 a.m.

CVE-2007-3950

2007-07-2400:30:00
NVD-CWE-Other
web.nvd.nist.gov
41
4
cve-2007-3950
lighttpd
denial of service
daemon crash
format specifiers
mod_scgi
mod_fastcgi
mod_webdav
nvd

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.

CPENameOperatorVersion
lighttpd:lighttpdlighttpdle1.4.15

Social References

More

6.4 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

Related for CVE-2007-3950