3 matches found
CVE-2009-4490
minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...
CVE-2009-4490
CVE-2009-4490 affects mini_httpd 1.19. The flaw: logging non-printable characters without sanitization may let a remote attacker craft an HTTP request with an escape sequence to modify a window title and potentially execute arbitrary code or overwrite files. The Gentoo advisory GLSA 201206-27 des...
Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
Acme SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.100447";...