CVE-2012-5875

Name of the Vulnerable Software and Affected Versions Firefly Media Server version 1.0.0.1359

Description The issue allows remote attackers to cause a denial of service due to a NULL pointer dereference. This can be achieved through various means, including a crafted Connection HTTP header, a return carriage control character in the Accept-Language header, User-agent header, Host header, or protocol version, or a crafted HTTP protocol version.

Recommendations For Firefly Media Server version 1.0.0.1359, consider restricting access to the HTTP connection handler to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using crafted HTTP headers or protocol versions that may trigger the NULL pointer dereference. At the moment, there is no information about a newer version that contains a fix for this issue.