- Description
- Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:max_feoktistov:small_http_server:2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82D993A9-83F8-410B-B2E3-00D5207CFD96"
}
],
"operator": "OR"
}
]
}
]