CVSS: 10.0EPSS: 5%CPEs: 4EXPL: 0CVE-2010-1937
https://notcve.org/view.php?id=CVE-2010-1937
Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow remote attackers to execute arbitrary code via a Content-Length HTTP header that specifies a value too small for the amount of POST data, aka bug #3001896. Desbordamiento de búfer basado en pila en httpAdapter.c en httpAdapter en SBLIM SFCB en versiones anteriores a la 1.3.8 puede permitir a usuarios remotos ejecutar código de su elección mediante una cabecera HTTP Content-Lengh que especifica un valor demasiado pequeño para la cantidad de datos POST, también conocido como bug #3001896. • http://marc.info/?l=bugtraq&m=127549079109192&w=2 http://sblim.cvs.sourceforge.net/viewvc/sblim/sfcb/httpAdapter.c?r1=1.84&r2=1.85 http://secunia.com/advisories/40018 http://sourceforge.net/tracker/index.php?func=detail&aid=3001896&group_id=128809&atid=712784 http://www.vupen.com/english/advisories/2010/1312 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3145
https://notcve.org/view.php?id=CVE-2005-3145
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resource consumption) by connecting to sblim-sfcb but not sending any data. • http://secunia.com/advisories/16975 http://sourceforge.net/project/shownotes.php?release_id=359700 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3144
https://notcve.org/view.php?id=CVE-2005-3144
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers. • http://secunia.com/advisories/16975 http://sourceforge.net/project/shownotes.php?release_id=359700 http://www.securityfocus.com/bid/14972 •