Description

request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.

Remediation

References

CVE-2007-3947

Related Vulnerabilities

WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Security Bypass (3.2.1)

WordPress Plugin Answer My Question Cross-Site Scripting (1.3)

Java Unspesificed Vulnerability (CVE-2019-2422)

WordPress Plugin Ghost Arbitrary File Download (0.5.5)

YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4710)

Severity

Medium

Classification

CVE-2007-3947

Tags

Missing Update Known Vulnerabilities