CVE-2014-9708
published 2015-03-31CVE-2014-9708: Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an…
medium5CVSS 3.1
AVNACLAuNCNINAP
Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| embedthis | appweb | < 4.6.6 | 4.6.6 |
| embedthis | appweb | >= 5.0.0 < 5.2.1 | 5.2.1 |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| oracle | enterprise_communications_broker | <= 2.0.0 | — |
| paloalto | pan-os | — | — |