Description

lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.

Remediation

References

CVE-2007-1870

Related Vulnerabilities

WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)

WordPress Plugin Basic Google Maps Placemarks Cross-Site Scripting (1.10.2)

WordPress Plugin Yakadanda Google+ Hangout Events Cross-Site Scripting (0.3.7)

WordPress Improper Input Validation Vulnerability (CVE-2011-3127)

PHP Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-4642)

Severity

High

Classification

CVE-2007-1870

Tags

Missing Update Known Vulnerabilities