CVE-2012-10053
published 2025-08-08CVE-2012-10053: Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an…
PriorityP268critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
1.46%
70.3th percentile
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pmsoftware | simple_web_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to Simple Web Server 2.2 rc2 for abnormally long values in the 'Connection' HTTP header, which triggers a stack-based buffer overflow via vsprintf() before any authentication occurs. ↗
- →The exploit is triggered pre-authentication; any oversized Connection header from unauthenticated clients to Simple Web Server should be treated as a high-confidence attack indicator. ↗
- →The Metasploit module targeting this vulnerability is 'exploits/windows/http/sws_connection_bof'; detections should focus on Windows 7 SP1 and Windows XP SP3 hosts running Simple Web Server 2.2 rc2. ↗
- ·DOC 3 (somplplayer_m3u.rb) is unrelated to CVE-2012-10053 and targets a completely different product (S.O.M.P.L 1.0 Player); no IOCs or hints were extracted from it. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Metasploit
Simple Web Server Connection Header Buffer Overflow
metasploit
Simple Web Server Connection Header Buffer Overflow
Simple Web Server Connection Header Buffer Overflow
This module exploits a vulnerability in Simple Web Server 2.2 rc2. A remote user can send a long string data in the Connection Header to causes an overflow on the stack when function vsprintf() is used, and gain arbitrary code execution. The module has been tested successfully on Windows 7 SP1 and Windows XP SP3.
Metasploit
S.O.M.P.L 1.0 Player Buffer Overflow
metasploit
S.O.M.P.L 1.0 Player Buffer Overflow
S.O.M.P.L 1.0 Player Buffer Overflow
This module exploits a buffer overflow in Simple Open Music Player v1.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
No writeups or analysis indexed.
http://ghostinthelab.wordpress.com/2012/07/19/simplewebserver-2-2-rc2-remote-buffer-overflow-exploit/http://www.pmx.it/software/sws.asphttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/sws_connection_bof.rbhttps://www.exploit-db.com/exploits/19937https://www.exploit-db.com/exploits/20028https://www.vulncheck.com/advisories/simple-web-server-connection-header-buffer-overflowhttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/sws_connection_bof.rbhttps://www.exploit-db.com/exploits/19937https://www.exploit-db.com/exploits/20028
2025-08-08
Published