58 matches found
CVE-2021-26706
The CVE-2021-26706 issue affects Micrium uC/OS uC/LIB 1.38.x and 1.39.00, where Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW can overflow when pool sizes exceed address space due to multiplication in size calculations. This can yield a smaller-than-expected memory pool and may be ex...
Silicon Labs Micriμm OS 输入验证错误漏洞
Silicon Labs Micriμm OS is an operating system from Silicon Labs, Inc. Important task scheduling and multitasking services are provided to ensure that the code is updated and extended even with new features on a regular basis. An input validation error vulnerability exists in Silicon Labs Micriμm...
CVE-2020-13583
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13583
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Cross site request forgery (csrf)
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13583
CVE-2020-13583 affects Micrium uC-HTTP 3.01.00. TALOS details describe a denial-of-service caused by a NULL pointer dereference in the uC-HTTP server when handling multipart form data; specifically, if FormCfgPtr is NULL or FormBoundaryPtr is not allocated, HTTPsReq_HdrParse can dereference a NUL...
CVE-2020-13583
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Threat Source newsletter (Jan. 28, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Unfortunately, I don’t have any stock tips to give you to help you get rich overnight. But I do have two Vulnerability Spotlights you should read so your network can stay safer. We disclosed multiple vulnerabilities in phpGACL and...
CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Cross site request forgery (csrf)
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13582
Micrium uC-HTTP 3.01.00’s HTTP Server contains a denial-of-service vulnerability due to an unchecked return value in the header-parsing path. Specifically, in the boundary parsing of multipart forms, Str_Char_N may return NULL, and the code proceeds to dereference it, causing a crash (segmentatio...
CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Vulnerability Spotlight: Denial-of-service vulnerabilities in Micrium uc-HTTP’s HTTP server
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Micrium uc-HTTP’s HTTP server that could cause denial-of-service conditions. An attacker could trigger these vulnerabilities by targeting the user machine...
Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability
Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...
Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability
Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...
Micrium uC-HTTP Code Issue Vulnerability
Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A code issue vulnerability exists in Micrium uC-HTTP versi...
micrium.com XSS vulnerability
Vulnerable URL: https://www.micrium.com/downloadcenter/download-results/?searchterm='=true Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 256383 VIP website status:| No Check...