6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.039 Low
EPSS
Percentile
92.1%
Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL.
secunia.com/advisories/31323/
secunia.com/advisories/31380
secunia.com/advisories/31866
www.debian.org/security/2008/dsa-1626
www.httrack.com/history.txt
www.securityfocus.com/bid/30425
www.venustech.com.cn/NewsInfo/124/2032.Html
www.vupen.com/english/advisories/2008/2221/references
exchange.xforce.ibmcloud.com/vulnerabilities/44167
www.redhat.com/archives/fedora-package-announce/2008-September/msg00707.html
www.redhat.com/archives/fedora-package-announce/2008-September/msg00711.html