Libmicrohttpd
CVE-2013-7038
MEDIUM
Severity by source
AV:N/AC:L/Au:N/C:P/I:N/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:P/I:N/A:P
Lifecycle Timeline
1DescriptionCVE.org
The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.
AnalysisAI
The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read. Affected products include: Gnu Libmicrohttpd. Version information: before 0.9.32.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Libmicrohttpd
View allGNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data b
A flaw was found in libmicrohttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no au
Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNEC
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. Rated high severity (CVSS 8.7), t
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. Rated high severity (CVSS 8.7), t
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today