CVE-2019-19307

An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet.
References
Link Resource
https://github.com/cesanta/mongoose/issues/1055 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:cesanta:mongoose:6.16:*:*:*:*:*:*:*

Information

Published : 2019-11-26 08:15

Updated : 2020-08-24 10:37


NVD link : CVE-2019-19307

Mitre link : CVE-2019-19307


JSON object : View

CWE
CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-190

Integer Overflow or Wraparound

Advertisement

dedicated server usa

Products Affected

cesanta

  • mongoose