CVE-2017-14149

GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request.
References
Link Resource
https://github.com/shadow4u/goaheaddebug/blob/master/README.md Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:embedthis:goahead:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.6.2:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.5:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.7:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.8:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.11:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.10:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.12:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.6.3:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.9:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.6.4:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:embedthis:goahead:3.6.5:*:*:*:*:*:*:*

Information

Published : 2017-09-05 00:29

Updated : 2017-09-05 10:07


NVD link : CVE-2017-14149

Mitre link : CVE-2017-14149


JSON object : View

CWE
CWE-476

NULL Pointer Dereference

Advertisement

dedicated server usa

Products Affected

embedthis

  • goahead