CVE-2004-1680

2005-02-2005:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow.

References

secunia.com/advisories/12523

www.atstake.com/research/advisories/2004/a091304-2.txt

www.securityfocus.com/bid/11161

exchange.xforce.ibmcloud.com/vulnerabilities/17346