PT-2007-1006 · Gnome · Libsoup

Josselin Mouette

Published

2007-01-16

Updated

2024-06-15

CVE-2006-5876

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: libsoup HTTP library versions prior to 2.2.99

Description: The issue allows remote attackers to cause a denial of service, potentially leading to disruption of protected information. This can be achieved through the exploitation of malformed HTTP headers, likely involving missing fields or values. The soup headers parse function in soup-headers.c is specifically affected.

Recommendations: For versions prior to 2.2.99, update to version 2.2.99 or later to resolve the issue. As a temporary workaround, consider restricting access to the soup headers parse function until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-01324

CVE-2006-5876

DSA-1248-1

OPENSUSE-SU-2024:10994-1

Affected Products

Libsoup

PT-2007-1006 · Gnome · Libsoup

CVE-2006-5876

Related Identifiers

Affected Products

References · 24