Sign-up

ID

VAR-201912-1595


CVE

CVE-2013-4743


TITLE

Static HTTP Server Vulnerable to classical buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2013-007020

DESCRIPTION

Static HTTP Server 1.0 has a Local Overflow. Static HTTP Server Contains a classic buffer overflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow

Trust: 2.16

sources: NVD: CVE-2013-4743 // JVNDB: JVNDB-2013-007020 // CNVD: CNVD-2020-14093

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-14093

AFFECTED PRODUCTS

vendor:static http servermodel:static http serverscope:eqversion:1.0

Trust: 1.8

vendor:staticmodel:http server static http serverscope:eqversion:1.0

Trust: 0.6

sources: CNVD: CNVD-2020-14093 // JVNDB: JVNDB-2013-007020 // NVD: CVE-2013-4743

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-4743
value: CRITICAL

Trust: 1.0

NVD: CVE-2013-4743
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2020-14093
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201912-1171
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2013-4743
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-14093
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2013-4743
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2013-4743
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-14093 // JVNDB: JVNDB-2013-007020 // CNNVD: CNNVD-201912-1171 // NVD: CVE-2013-4743

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.8

sources: JVNDB: JVNDB-2013-007020 // NVD: CVE-2013-4743

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-1171

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201912-1171

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-007020

PATCH
title:Static http serverurl:https://sourceforge.net/projects/static-httpd/?source=dlp
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-007020

EXTERNAL IDS
db:NVDid:CVE-2013-4743
Trust: 3.0
db:EXPLOIT-DBid:26520
Trust: 1.6
db:JVNDBid:JVNDB-2013-007020
Trust: 0.8
db:CNVDid:CNVD-2020-14093
Trust: 0.6
db:CNNVDid:CNNVD-201912-1171
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-14093 // 
            
            
            
            JVNDB: JVNDB-2013-007020 // 
            
            
            
            CNNVD: CNNVD-201912-1171 // 
            
            
            
            NVD: CVE-2013-4743

REFERENCES
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/85417
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2013-4743
Trust: 2.0
url:http://www.exploit-db.com/exploits/26520
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4743
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-14093 // 
            
            
            
            JVNDB: JVNDB-2013-007020 // 
            
            
            
            CNNVD: CNNVD-201912-1171 // 
            
            
            
            NVD: CVE-2013-4743

SOURCES
db:CNVDid:CNVD-2020-14093
db:JVNDBid:JVNDB-2013-007020
db:CNNVDid:CNNVD-201912-1171
db:NVDid:CVE-2013-4743

LAST UPDATE DATE
2024-11-23T23:01:33.973000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-14093date:2020-02-27T00:00:00
db:JVNDBid:JVNDB-2013-007020date:2020-01-20T00:00:00
db:CNNVDid:CNNVD-201912-1171date:2020-06-24T00:00:00
db:NVDid:CVE-2013-4743date:2024-11-21T01:56:17.227

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-14093date:2020-02-27T00:00:00
db:JVNDBid:JVNDB-2013-007020date:2020-01-20T00:00:00
db:CNNVDid:CNNVD-201912-1171date:2019-12-27T00:00:00
db:NVDid:CVE-2013-4743date:2019-12-27T17:15:15.217