CVE-2013-7039

Public on 2013-12-13
Modified on 2014-09-19
Description

Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.

Severity
Medium
See what this means
CVSS v3 Base Score
5.1
See breakdown

Affected Packages

Platform Package Release Date Advisory
Amazon Linux 1 libmicrohttpd 2014-06-15 ALAS-2014-353

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P
NVD CVSSv2 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P