Jasper Httpdx vulnerabilities
6 known vulnerabilities affecting jasper/httpdx.
Total CVEs: 6
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2009-3711 | P2 | CRITICAL | CVSS 10.0 | PoC | CWE-119 | v1.4, v1.4.3 | 2009-10-16
Stack-based buffer overflow in the h_handlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
nvd
CVE-2009-4769 | P2 | CRITICAL | CVSS 9.3 | PoC | CWE-134 | v1.4, v1.4.5, +3 more | 2010-04-20
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET request to the HTTP server component when logging is enabled, and allow (2) remote authenticated users to execute arbitrary code via format string specifi
nvd
CVE-2009-3663 | P3 | CRITICAL | CVSS 10.0 | PoC | CWE-134 | v1.4 | 2009-10-11
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.
nvd
CVE-2009-4531 | P4 | MEDIUM | CVSS 5.0 | PoC | CWE-200 | ≤ 1.4.4, v1.4, +1 more | 2009-12-31
httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.
nvd
CVE-2024-0419 | P3 | HIGH | CVSS 7.5 | CWE-404 | v1.5.0, v1.5.1, +3 more | 2024-01-11
A vulnerability was found in Jasper httpdx up to 1.5.4 and classified as problematic. This issue affects some unknown processing of the component HTTP POST Request Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vul
nvd
CVE-2009-4770 | P3 | HIGH | CVSS 7.5 | CWE-255 | v1.4, v1.4.5, +3 more | 2010-04-20
The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 has a default password of pass123 for the moderator account, which makes it easier for remote attackers to obtain privileged access.
nvd