CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
95.8%
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
Vendor | Product | Version | CPE |
---|---|---|---|
salvo_tomaselli | weborf_http_server | * | cpe:2.3:a:salvo_tomaselli:weborf_http_server:*:*:*:*:*:*:*:* |
salvo_tomaselli | weborf_http_server | 0.10 | cpe:2.3:a:salvo_tomaselli:weborf_http_server:0.10:*:*:*:*:*:*:* |
salvo_tomaselli | weborf_http_server | 0.11 | cpe:2.3:a:salvo_tomaselli:weborf_http_server:0.11:*:*:*:*:*:*:* |
salvo_tomaselli | weborf_http_server | 0.12 | cpe:2.3:a:salvo_tomaselli:weborf_http_server:0.12:*:*:*:*:*:*:* |