Heap-Based Buffer Overflow in MiniWeb HTTP Server by MiniWeb
CVE-2008-0337

Currently unrated

Key Information:

Vendor: Miniweb Http Server
Status: Miniweb Http Server
Vendor: CVE Published:; 17 January 2008

🔔 Create Miniweb Http Server Vulnerability Alert

What is CVE-2008-0337?

The MiniWeb HTTP Server 0.8.19 is susceptible to a heap-based buffer overflow in the _mwProcessReadSocket function within http.c. This vulnerability allows remote attackers to execute arbitrary code by sending specially crafted long URIs to the server. Exploitation of this flaw can compromise the integrity and security of the affected system, making it crucial for users to be vigilant and implement security patches as necessary.

References

http://www.bugtraq.ir/adv/miniweb_english.pdf

x_refsource_MISC

https://www.exploit-db.com/exploits/4923

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2008/0176

vdb-entryx_refsource_VUPEN

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 17, 2008
Vulnerability Reserved
Jan 17, 2008