CVE-2004-1053
FreeBSD fetch 4.1-5.3 - Remote Code Execution via HTTP Header Integer Overflow
Title source: llmDescription
Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.
References (3)
Core 3
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11702
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18160
Various Sources vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:16.fetch.asc
Scores
EPSS
0.0122
EPSS Percentile
79.4%
Details
Status
published
Products (1)
freebsd/fetch
Published
Mar 01, 2005
Tracked Since
Feb 18, 2026