Lucene search

[email protected]CVE-2007-5893

HistoryNov 08, 2007 - 2:46 a.m.

CVE-2007-5893

2007-11-0802:46:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-5893

httpsocket.cpp

c++ sockets library

denial of service

crash

http request

protocol version.

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote attackers to cause a denial of service (crash) via an HTTP request with a missing protocol version number, which triggers an exception. NOTE: some of these details were obtained from third party information.

Affected configurations

NVD

Node

alhemc\+\+_sockets_libraryMatch2.2.4

CPENameOperatorVersion
alhem:c\+\+_sockets_libraryalhem c++ sockets libraryeq2.2.4

CPE	Name	Operator	Version
alhem:c\+\+_sockets_library	alhem c++ sockets library	eq	2.2.4

References

osvdb.org/42105

secunia.com/advisories/27535

www.alhem.net/Sockets/Changelog

www.securityfocus.com/bid/26361

exchange.xforce.ibmcloud.com/vulnerabilities/38309

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2007-5893

prion1 cvelist1 nvd1