CVE-2014-3788
Cogent DataHub < 7.3.5 - Remote Code Execution via Negative Content-Length
Title source: llmDescription
Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://cogentdatahub.com/ReleaseNotes.html
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-135/
Scores
EPSS
0.0401
EPSS Percentile
89.3%
Details
CWE
CWE-119
Status
published
Products (12)
cogentdatahub/cogent_datahub
7.0
cogentdatahub/cogent_datahub
7.0.2
cogentdatahub/cogent_datahub
7.1.0
cogentdatahub/cogent_datahub
7.1.1
cogentdatahub/cogent_datahub
7.1.1.63
cogentdatahub/cogent_datahub
7.1.2
cogentdatahub/cogent_datahub
7.2.2
cogentdatahub/cogent_datahub
7.3.0
cogentdatahub/cogent_datahub
7.3.1
cogentdatahub/cogent_datahub
7.3.2
... and 2 more
Published
May 22, 2014
Tracked Since
Feb 18, 2026