CVE-2013-7039
published 2013-12-13CVE-2013-7039: Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large…
medium5.1CVSS 3.1
AVNACHAuNCPIPAP
Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libmicrohttpd | < libmicrohttpd 0.9.32-1 (bookworm) | libmicrohttpd 0.9.32-1 (bookworm) |
| gnu | libmicrohttpd | <= 0.9.31 | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | — | — |
| gnu | libmicrohttpd | >= 0 < 0.9.32-1 | 0.9.32-1 |
| gnu | libmicrohttpd | >= 0 < 0.9.32-1 | 0.9.32-1 |
| gnu | libmicrohttpd | >= 0 < 0.9.32-1 | 0.9.32-1 |
| gnu | libmicrohttpd | >= 0 < 0.9.32-1 | 0.9.32-1 |
CVSS provenance
nvd5.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM