Vulnerability Description
Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request.
CVSS Score
9.0
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Frank Yaul | Corehttp | 0.5.3_alpha |
References
- http://osvdb.org/46831
- http://www.securityfocus.com/bid/25120
- https://www.exploit-db.com/exploits/4243
- http://osvdb.org/46831
- http://www.securityfocus.com/bid/25120
- https://www.exploit-db.com/exploits/4243
FAQ
What is CVE-2007-4060?
CVE-2007-4060 is a vulnerability with a CVSS score of 9.0 (HIGH). Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) UR...
How severe is CVE-2007-4060?
CVE-2007-4060 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4060?
Check the references section above for vendor advisories and patch information. Affected products include: Frank Yaul Corehttp.