CVE-2013-7038

Currently unrated

Key Information:

Vendor: Gnu
Status: LIBMicrohttpd
Vendor: CVE Published:; 13 December 2013

Summary

The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.

References

http://www.securityfocus.com/bid/64138

vdb-entryx_refsource_BID

https://bugs.gentoo.org/show_bug.cgi?id=493450

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1039384

x_refsource_CONFIRM

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 13, 2013
Vulnerability Reserved
Dec 9, 2013