Description

lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.

Remediation

References

CVE-2007-1870

Related Vulnerabilities

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-10352)

WordPress Plugin BigBlueButton Cross-Site Scripting (2.2.3)

Internet Information Services Other Vulnerability (CVE-2000-0858)

MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2079)

Oracle Database Server CVE-2008-0340 Vulnerability (CVE-2008-0340)

Severity

High

Classification

CVE-2007-1870

Tags

Missing Update Known Vulnerabilities