Lucene search
PRIOn knowledge basePRION:CVE-2018-15504HistoryAug 18, 2018 - 3:29 a.m.
Null pointer dereference
2018-08-1803:29:00
PRIOn knowledge base
www.prio-n.com
3
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
| CPE | Name | Operator | Version |
|---|---|---|---|
| appweb | lt | 7.0.2 | |
| goahead | lt | 4.0.1 | |
| junos | eq | 12.1x46 d60 | |
| junos | eq | 12.1x46 d30 | |
| junos | eq | 12.1x46 d45 | |
| junos | eq | 12.1x46 d50 | |
| junos | eq | 12.1x46 d65 | |
| junos | eq | 12.1x46 d35 | |
| junos | eq | 12.1x46 d25 | |
| junos | eq | 12.1x46 d20 |
References
github.com/embedthis/appweb/commit/66067ae6d1fa08b37a270e7dc1821df52ed2daef
github.com/embedthis/appweb/issues/605
github.com/embedthis/goahead/issues/264
supportportal.juniper.net/s/article/2019-07-Security-Bulletin-Junos-OS-J-Web-Denial-of-Service-due-to-multiple-vulnerabilities-in-Embedthis-Appweb-Server
supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved
Related
cve
cve
CVE-2018-15504
2018-08-18 03:29:00
nvd
nvd
CVE-2018-15504
2018-08-18 03:29:00
cvelist
cvelist
CVE-2018-15504
2018-08-18 00:00:00
nessus
nessus
Juniper Embedthis GoAhead Denial Of Service Vulnerabilities (JSA10948)
2019-12-13 00:00:00
ics
ics
Hitachi Energy MSM
2023-05-09 12:00:00