4 matches found
Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability(CVE-2017-2922)
Summary An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited...
CVE-2017-2922
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to...
CVE-2017-2922
CVE-2017-2922 affects Cesanta Mongoose 6.8 (Websocket protocol handling). A memory corruption via fragmented WebSocket frames can trigger a use-after-free when reassembling data in mg_deliver_websocket_data, due to a buffer resize that invalidates pointers and leads to reads/writes on freed memor...
CVE-2017-2922
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to...