NuytsTech Security

CVE-2015-1548

by ·

mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.

Date published : 2015-02-10

http://www.securityfocus.com/bid/73450

http://itinsight.hu/en/posts/articles/2015-01-23-mini-httpd/

Tags: