Back to search
CVE-2007-2197
Published: Apr 24, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Race condition in the NeatUpload ASP.NET component 1.2.11 through 1.2.16, 1.1.18 through 1.1.23, and trunk.379 through trunk.445 allows remote attackers to obtain other clients' HTTP responses via multiple simultaneous requests, which triggers multiple calls to HttpWorkerRequest.FlushResponse for the same HttpWorkerRequest object and causes a buffer to be reused for a different request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
23578
vdb-entry
x_refsource_BID
neatupload-responses-information-disclosure(33785)
vdb-entry
x_refsource_XF
20070420 NeatUpload vulnerability and fix
mailing-list
x_refsource_BUGTRAQ
25003
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now