Description

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.

Remediation

References

CVE-2007-3950

Related Vulnerabilities

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20350)

TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20114)

PHP NULL Pointer Dereference Vulnerability (CVE-2018-14884)

MediaWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2020-25827)

Magento Incorrect Authorization Vulnerability (CVE-2022-34256)

Severity

Medium

Classification

CVE-2007-3950

Tags

Missing Update Known Vulnerabilities