CVE-2007-3947

Publication date

2007-07-24 00:00:00

Family

mitre

State

PUBLISHED

Description

request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.