VULHUB ™

A vulnerability has been discovered in cgihtml which may result in memory corruption. The problem occurs due to a signed Content-Length value. By passing a negative Content-Length value in an HTTP POST request it is possible to trick the function into allocating insufficient memory. When the POST data is read from the user, heap memory will be overwritten causing the process to crash. Although not yet confirmed it may be possible to exploit this vulnerability to execute arbitrary instructions.

A vulnerability has been discovered in cgihtml which may result in memory corruption. The problem occurs due to a signed Content-Length value. By passing a negative Content-Length value in an HTTP POST request it is possible to trick the function into allocating insufficient memory. When the POST data is read from the user, heap memory will be overwritten causing the process to crash. Although not yet confirmed it may be possible to exploit this vulnerability to execute arbitrary instructions.