Denial of Service Vulnerability in libhtp by Open Information Security Foundation
CVE-2015-0928

7.5HIGH

Key Information:

Vendor: Oisf
Status: Libhtp
Vendor: CVE Published:; 28 August 2017

What is CVE-2015-0928?

The libhtp library version 0.5.15 is vulnerable to a denial of service attack that can be exploited by remote attackers. This vulnerability is caused by a NULL pointer dereference which can prevent the system from processing requests, leading to potential service downtime and impacts on application stability. Users and administrators should consider immediate upgrades or patches to mitigate this risk and ensure continued operational reliability.

References

https://redmine.openinfosecfoundation.org/issues/1272

x_refsource_MISC

http://www.securityfocus.com/bid/73117

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2017
Vulnerability Reserved
Jan 10, 2015

Oisf

What is CVE-2015-0928?

References

CVSS V3.1

Timeline