Back to search
CVE-2007-0157
Published: Jan 9, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
23984
third-party-advisory
x_refsource_SECUNIA
[neon] 20070107 invalid chars cause sigserv in neon
mailing-list
x_refsource_MLIST
http://www.webdav.org/cadaver/
x_refsource_CONFIRM
[cadaver] 20070123 release 0.22.5
mailing-list
x_refsource_MLIST
MDKSA-2007:013
vendor-advisory
x_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404723
x_refsource_CONFIRM
SUSE-SR:2007:002
vendor-advisory
x_refsource_SUSE
22035
vdb-entry
x_refsource_BID
ADV-2007-0172
vdb-entry
x_refsource_VUPEN
23763
third-party-advisory
x_refsource_SECUNIA
ADV-2007-0362
vdb-entry
x_refsource_VUPEN
23751
third-party-advisory
x_refsource_SECUNIA
39247
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now