Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP protocol version.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Fireflymediaserver
  • Firefly Media Server

Configuration 1 [-]

cpe:2.3:a:fireflymediaserver:firefly_media_server:1.0.0.1359:*:*:*:*:*:*:*
References
Link Resource
http://archives.neohapsis.com/archives/bugtraq/2012-12/0115.html
http://www.exploit-db.com/exploits/23574 Exploit
http://www.securitytracker.com/id?1027917
https://www.htbridge.com/advisory/HTB23129
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:30

Updated: 2022-10-03T16:15:30

Reserved: 2022-10-03T00:00:00

Link: CVE-2012-5875

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2013-01-18T11:48:40.480

Modified: 2013-01-18T11:48:40.480

Link: CVE-2012-5875

JSON object: View

cve-icon Redhat Information

No data.

CWE