206 matches found
CVE-2013-7038
CVE-2013-7038 affects libmicrohttpd up to version prior to 0.9.32. The MHD_http_unescape function may trigger an out-of-bounds read, allowing remote attackers to obtain sensitive information and/or cause a denial of service (crash). Several advisories (openSUSE/SUSE/Mageia/OpenVAS listings) indic...
CVE-2013-7039
CVE-2013-7039 affects libmicrohttpd up to 0.9.32, where a stack-based buffer overflow in MHD_digest_auth_check (triggered when MHD_OPTION_CONNECTION_MEMORY_LIMIT is large) can cause a crash or potentially allow remote code execution via a long URI in an authentication header. Public responses in ...
CVE-2013-7039
Stack-based buffer overflow in the MHDdigestauthcheck function in libmicrohttpd before 0.9.32, when MHDOPTIONCONNECTIONMEMORYLIMIT is set to a large value, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long URI in an authentication header...
CVE-2013-7038
The MHDhttpunescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read...
CVE-2013-7039
Stack-based buffer overflow in the MHDdigestauthcheck function in libmicrohttpd before 0.9.32, when MHDOPTIONCONNECTIONMEMORYLIMIT is set to a large value, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long URI in an authentication header...
CVE-2013-7038
The MHDhttpunescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read...