CVE-2012-10053
published 2025-08-08


Priority: P268 | Severity: critical | CVSS 4.0 base score: 9.3
CVSS 4.0 vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Tags: EXPLOIT
EPSS: 1.46% (70.3rd percentile)
Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.

Affected (1 range)

Vendor: pmsoftware
Product: simple_web_server
Version range: (not given)
Fixed in: (not given)

Detection & IOCs (extracted from sources)

Indicator (other): Connection: [overly long string]
  • Monitor HTTP requests to Simple Web Server 2.2 rc2 for abnormally long values in the 'Connection' HTTP header, which triggers a stack-based buffer overflow via vsprintf() before any authentication occurs.
  • The exploit is triggered pre-authentication; any oversized Connection header from unauthenticated clients to Simple Web Server should be treated as a high-confidence attack indicator.
  • The Metasploit module targeting this vulnerability is 'exploits/windows/http/sws_connection_bof'; detections should focus on Windows 7 SP1 and Windows XP SP3 hosts running Simple Web Server 2.2 rc2.
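The monitoring hint above, worked into code as an added example that is not part of this CVE record and is not the vendor's or any Metasploit code: a small Python inspector that parses raw HTTP/1.x request bytes and flags a Connection header that is either oversized or not a valid comma-separated token list. The 64-byte threshold, the function names and the sample requests are assumptions and constructed data; the token-syntax check goes slightly beyond the page's length-only hint, since legitimate Connection values are always short tokens such as keep-alive or close.

```python
"""Flag HTTP requests whose Connection header is abnormally long or malformed.

Added detection example (not from the CVE record or the vendor). It assumes
raw HTTP/1.x request bytes as input and an assumed length threshold.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed threshold: legitimate Connection values are short token lists such as
# "keep-alive", "close" or "Upgrade, HTTP2-Settings"; 64 bytes is generous.
MAX_CONNECTION_LEN = 64

# RFC 7230 "tchar": the characters allowed in an HTTP token.
TCHAR = set("!#$%&'*+-.^_`|~0123456789"
            "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")


@dataclass
class Finding:
    request_line: str   # e.g. "GET / HTTP/1.1"
    header_len: int     # byte length of the Connection value that was seen
    token_ok: bool      # False if the value is not a comma-separated token list


def parse_headers(raw: bytes) -> Tuple[str, Dict[str, str]]:
    """Split a raw request into (request line, header map keyed by lowercase name).

    Only the head is parsed; the body is ignored. When a header name repeats,
    the longest value wins, so an oversized second Connection header cannot
    hide behind a benign first one.
    """
    head = raw.split(b"\r\n\r\n", 1)[0]
    lines = head.decode("latin-1").split("\r\n")
    request_line, headers = lines[0], {}
    for line in lines[1:]:
        if ":" not in line:
            continue  # malformed header line; ignored by this check
        name, value = line.split(":", 1)
        name, value = name.strip().lower(), value.strip()
        if len(value) > len(headers.get(name, "")):
            headers[name] = value
    return request_line, headers


def connection_tokens_plausible(value: str) -> bool:
    """True if value is a comma-separated list of non-empty RFC 7230 tokens."""
    parts = [p.strip() for p in value.split(",")]
    return all(p and set(p) <= TCHAR for p in parts)


def inspect_request(raw: bytes, limit: int = MAX_CONNECTION_LEN) -> Optional[Finding]:
    """Return a Finding if the Connection header is oversized or malformed, else None."""
    request_line, headers = parse_headers(raw)
    value = headers.get("connection")
    if value is None:
        return None
    token_ok = connection_tokens_plausible(value)
    if len(value) <= limit and token_ok:
        return None
    return Finding(request_line, len(value), token_ok)


def scan(requests: List[bytes], limit: int = MAX_CONNECTION_LEN) -> List[Finding]:
    """Run inspect_request over a batch of requests and keep only the hits."""
    return [f for f in (inspect_request(r, limit) for r in requests) if f is not None]


# Constructed sample traffic (not captured data): two benign requests, then
# three that a monitor for this CVE should surface.
SAMPLE_REQUESTS = [
    b"GET / HTTP/1.1\r\nHost: 192.0.2.10\r\nConnection: keep-alive\r\n\r\n",
    b"GET /index.html HTTP/1.1\r\nHost: 192.0.2.10\r\nConnection: close\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: 192.0.2.10\r\nConnection: " + b"A" * 300 + b"\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: 192.0.2.10\r\nConnection: keep-alive; x=1\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: 192.0.2.10\r\nConnection: close\r\nConnection: "
    + b"B" * 100 + b"\r\n\r\n",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_REQUESTS):
        print(f"ALERT {f.request_line!r}: Connection header {f.header_len} bytes, "
              f"token syntax {'ok' if f.token_ok else 'invalid'}")
```

Because the overflow fires before any authentication, the check needs no session or user context: it can run on a reverse proxy, a WAF rule, or over a packet capture, and any hit from an unauthenticated client against a Simple Web Server host is worth treating as the high-confidence indicator the record describes.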