CVE-2010-2054
Severity CVSS v4.0:
Pending analysis
Type:
CWE-189
Numeric Errors
Publication date:
15/06/2010
Last modified:
11/04/2025
Description
Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header, aka bug #3001915. NOTE: some of these details are obtained from third party information.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:standards_based_linux_instrumentation:sblim-sfcb:1.3.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:standards_based_linux_instrumentation:sblim-sfcb:1.3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:standards_based_linux_instrumentation:sblim-sfcb:1.3.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:standards_based_linux_instrumentation:sblim-sfcb:1.3.7:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://marc.info/?l=bugtraq&m=127549079109192&w=2
- http://sblim.cvs.sourceforge.net/viewvc/sblim/sfcb/httpAdapter.c?r1=1.85&r2=1.86
- http://secunia.com/advisories/40018
- http://sourceforge.net/tracker/index.php?func=detail&aid=3001915&group_id=128809&atid=712784
- http://www.vupen.com/english/advisories/2010/1312
- http://marc.info/?l=bugtraq&m=127549079109192&w=2
- http://sblim.cvs.sourceforge.net/viewvc/sblim/sfcb/httpAdapter.c?r1=1.85&r2=1.86
- http://secunia.com/advisories/40018
- http://sourceforge.net/tracker/index.php?func=detail&aid=3001915&group_id=128809&atid=712784
- http://www.vupen.com/english/advisories/2010/1312