2 matches found
CVE-2007-3009
Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when the build supports logging but the configuration disables logging, allows remote attackers to cause a denial of service daemon crash via format string specifiers in the HTTP scheme, as demonstrated...
CVE-2007-3009
The CVE-2007-3009 case concerns Mbedthis AppWeb 2.0.5-4, where a Format string vulnerability in MprLogToFile::logEvent can be triggered when logging is supported but disabled in configuration. The issue allows remote attackers to crash the daemon (DoS) by crafting HTTP scheme format specifiers, d...