Vulnerability Details CVE-2004-2299
Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.056
EPSS Ranking 89.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.osvdb.org/12944
- http://www.securityfocus.com/archive/1/363651
- http://www.securityfocus.com/bid/10376
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16190
- http://www.osvdb.org/12944
- http://www.securityfocus.com/archive/1/363651
- http://www.securityfocus.com/bid/10376
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16190
Products affected by CVE-2004-2299
-
cpe:2.3:a:omnicron:omnihttpd:1.1
-
cpe:2.3:a:omnicron:omnihttpd:2.0.4
-
cpe:2.3:a:omnicron:omnihttpd:2.0.5
-
cpe:2.3:a:omnicron:omnihttpd:2.0.6
-
cpe:2.3:a:omnicron:omnihttpd:2.0.7
-
cpe:2.3:a:omnicron:omnihttpd:2.0.8
-
cpe:2.3:a:omnicron:omnihttpd:2.0_9
-
cpe:2.3:a:omnicron:omnihttpd:2.0_alpha_1
-
cpe:2.3:a:omnicron:omnihttpd:2.0_alpha_2
-
cpe:2.3:a:omnicron:omnihttpd:2.10
-
cpe:2.3:a:omnicron:omnihttpd:2.4_pro
-
cpe:2.3:a:omnicron:omnihttpd:3.0a