CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-0983

lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.1%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2008-0983

Lighttpd » Lighttpd » Version: 1.4.10

cpe:2.3:a:lighttpd:lighttpd:1.4.10
Lighttpd » Lighttpd » Version: 1.4.11

cpe:2.3:a:lighttpd:lighttpd:1.4.11
Lighttpd » Lighttpd » Version: 1.4.12

cpe:2.3:a:lighttpd:lighttpd:1.4.12
Lighttpd » Lighttpd » Version: 1.4.13

cpe:2.3:a:lighttpd:lighttpd:1.4.13
Lighttpd » Lighttpd » Version: 1.4.14

cpe:2.3:a:lighttpd:lighttpd:1.4.14
Lighttpd » Lighttpd » Version: 1.4.15

cpe:2.3:a:lighttpd:lighttpd:1.4.15
Lighttpd » Lighttpd » Version: 1.4.16

cpe:2.3:a:lighttpd:lighttpd:1.4.16
Lighttpd » Lighttpd » Version: 1.4.17

cpe:2.3:a:lighttpd:lighttpd:1.4.17
Lighttpd » Lighttpd » Version: 1.4.18

cpe:2.3:a:lighttpd:lighttpd:1.4.18
Lighttpd » Lighttpd » Version: 1.4.7

cpe:2.3:a:lighttpd:lighttpd:1.4.7
Lighttpd » Lighttpd » Version: 1.4.8

cpe:2.3:a:lighttpd:lighttpd:1.4.8
Lighttpd » Lighttpd » Version: 1.4.9

cpe:2.3:a:lighttpd:lighttpd:1.4.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-0983

Products

Pricing

Contact Us