Vulnerabilities > CVE-2017-1000471 - NULL Pointer Dereference vulnerability in Embedthis Goahead 4.0.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

embedthis

CWE-476

NVD

Published: 2018-01-03

Updated: 2018-01-17

Summary

EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.

Vulnerable Configurations

Part	Description	Count
Application	Embedthis Embedthis Goahead 4.0.0	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/embedthis/goahead/commit/5e6be61e42448f503e75e287dc332b1ecbf2a665#diff-7c9c60c790648b06210f57b9e2f53ca7
https://github.com/embedthis/goahead/pull/258