// For flags

CVE-2007-0157

 

Severity Score

7.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.

Error de índice de array en la función uri_lookup del intérprete de URI para neon 0.26.0 hasta 0.26.2, posiblemente sólo en plataformas de 54 bits, permite a servidores remotos maliciosos provocar una denegación de servicio (caída) mediante un URI con caracteres no-ASCII, lo que dispara una lectura de búfer por debajo del límite inferior debido a un error de conversión de tipos que genera un índice negativo.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-01-09 CVE Reserved
  • 2007-01-09 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-09-14 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Neon
Search vendor "Neon"
Neon
Search vendor "Neon" for product "Neon"
0.26.0
Search vendor "Neon" for product "Neon" and version "0.26.0"
-
Affected
Neon
Search vendor "Neon"
Neon
Search vendor "Neon" for product "Neon"
0.26.1
Search vendor "Neon" for product "Neon" and version "0.26.1"
-
Affected
Neon
Search vendor "Neon"
Neon
Search vendor "Neon" for product "Neon"
0.26.2
Search vendor "Neon" for product "Neon" and version "0.26.2"
-
Affected