Vulnerabilities > CVE-2017-1000471 - NULL Pointer Dereference vulnerability in Embedthis Goahead 4.0.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

embedthis

CWE-476

critical

NVD

Published: 2018-01-03

Updated: 2018-01-17

Summary

EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.

Vulnerable Configurations

Part	Description	Count
Application	Embedthis Embedthis Goahead 4.0.0	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/embedthis/goahead/pull/258
https://github.com/embedthis/goahead/commit/5e6be61e42448f503e75e287dc332b1ecbf2a665#diff-7c9c60c790648b06210f57b9e2f53ca7