CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cherokee: >> Cherokee Httpd >> 0.4.16 Security Vulnerabilities

CVE-2004-1946

Format string vulnerability in the PRINT_ERROR function in common.c for Cherokee Web Server 0.4.16 and earlier allows local users to execute arbitrary code via format string specifiers in the -C command line argument. NOTE: it is not clear whether this issue could be exploited remotely, or if Cherokee is running at escalated privileges. Therefore it might not be a vulnerability.

CVSS Score

4.6

EPSS Score

0.001

Published

2004-04-19

Page 1

Vulnerabilities

Vulnerable Software

Cherokee: >> Cherokee Httpd >> 0.4.16 Security Vulnerabilities

Products

Pricing

Contact Us