Vulnerabilities (CVE)

Filtered by vendor Miniweb Http Server Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0337 1 Miniweb Http Server 1 Miniweb Http Server 2024-02-04 7.5 HIGH N/A
Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
CVE-2007-3159 1 Miniweb Http Server 1 Miniweb Http Server 2024-02-04 5.0 MEDIUM N/A
http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header.
CVE-2008-0338 1 Miniweb Http Server 1 Miniweb Http Server 2024-02-04 5.0 MEDIUM N/A
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.