CVE Vulnerability

CVE-2007-2415

Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a "clean" exit in which "the server I/O loop finishes and the process exits normally."

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Scope

References
Link Resource
http://sourceforge.net/forum/forum.php?thread_id=1725156&forum_id=131392
http://www.securityfocus.com/bid/23713
http://secunia.com/advisories/25009 Patch Vendor Advisory
http://www.vupen.com/english/advisories/2007/1579 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33967
Configurations

Configuration 1

cpe:2.3:a:pi3web:pi3web_web_server:2.0.3_pl1:*:*:*:*:*:*:*
Information

Published : 2007-05-01 10:19

Updated : 2017-07-29 01:31

NVD link : CVE-2007-2415

Mitre link : CVE-2007-2415

Products Affected
No products.
CWE
CWE-399