Frank Yaul Corehttp vulnerabilities
2 known vulnerabilities affecting frank_yaul/corehttp.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2007-4060P3CRITICALCVSS 9.0PoCv0.5.3_alpha2007-07-30
CVE-2007-4060 [CRITICAL] CVE-2007-4060: Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha
Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request.
nvd
CVE-2009-3586P3HIGHCVSS 7.5PoCv0.5.3.12009-12-08
CVE-2009-3586 [HIGH] CVE-2009-3586: Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows remote attackers to cause a de
Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via an HTTP request with a long first line that triggers a buffer overflow. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2007-4060.
nvd