Published: 12/10/2005 Updated: 03/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.

Vulnerable Product	Search on Vulmon	Subscribe to Product
w3c libwww

Sam Varshavchik discovered several buffer overflows in the HTBoundary_put_block() function By sending specially crafted HTTP multipart/byteranges MIME messages, a malicious HTTP server could trigger an out of bounds memory access in the libwww library, which causes the program that uses the library to crash ...

CWE-20 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159597 http://www.securityfocus.com/advisories/9445 http://www.securityfocus.com/advisories/9444 http://www.securityfocus.com/bid/15035 http://secunia.com/advisories/17119 http://secunia.com/advisories/17814 http://secunia.com/advisories/17122 http://secunia.com/advisories/17489 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt http://secunia.com/advisories/19193 http://www.redhat.com/support/errata/RHSA-2007-0208.html http://secunia.com/advisories/25098 http://www.mandriva.com/security/advisories?name=MDKSA-2005:210 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9653 https://usn.ubuntu.com/220-1/https://usn.ubuntu.com/220-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-3183

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect