CVE-2007-4060

Frank Yaul corehttp <0.5.3alpha - RCE

Title source: llm

Description

Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by vade79 · cremotelinux

https://www.exploit-db.com/exploits/4243

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://osvdb.org/46831

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/25120

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4243

Scores

EPSS 0.2363

EPSS Percentile 96.0%

Details

Status published

Products (1)

frank_yaul/corehttp 0.5.3_alpha

Published Jul 30, 2007

Tracked Since Feb 18, 2026