The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.
2013-12-13T18:55:05.660
2025-04-11T00:51:21.963
Deferred
CVSSv2: 6.4 (MEDIUM)
AV:N/AC:L/Au:N/C:P/I:N/A:P
10.0
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gnu | libmicrohttpd | ≤ 0.9.31 | Yes |
| Application | gnu | libmicrohttpd | 0.9.16 | Yes |
| Application | gnu | libmicrohttpd | 0.9.17 | Yes |
| Application | gnu | libmicrohttpd | 0.9.18 | Yes |
| Application | gnu | libmicrohttpd | 0.9.19 | Yes |
| Application | gnu | libmicrohttpd | 0.9.20 | Yes |
| Application | gnu | libmicrohttpd | 0.9.21 | Yes |
| Application | gnu | libmicrohttpd | 0.9.22 | Yes |
| Application | gnu | libmicrohttpd | 0.9.23 | Yes |
| Application | gnu | libmicrohttpd | 0.9.24 | Yes |
| Application | gnu | libmicrohttpd | 0.9.25 | Yes |
| Application | gnu | libmicrohttpd | 0.9.26 | Yes |
| Application | gnu | libmicrohttpd | 0.9.27 | Yes |
| Application | gnu | libmicrohttpd | 0.9.28 | Yes |
| Application | gnu | libmicrohttpd | 0.9.29 | Yes |
| Application | gnu | libmicrohttpd | 0.9.30 | Yes |