CVE-2009-4490

Name of the Vulnerable Software and Affected Versions mini httpd version 1.19

Description The issue allows remote attackers to potentially modify a window's title or execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator, as mini httpd writes data to a log file without sanitizing non-printable characters.

Recommendations For mini httpd version 1.19, consider sanitizing non-printable characters in log data to prevent potential exploitation. As a temporary workaround, restrict access to the log file to minimize the risk of arbitrary command execution.