Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
Published 2015-03-31 14:59:07
Updated 2023-06-22 19:49:42
Source MITRE
View at NVD,   CVE.org
Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2014-9708