Intrusion Prevention

HTTP.Header.Value.Format.String

Description

A potential attempt at exploiting an HTTP 1.0 Format String attack. An attacker may make use of this vulnerability to cause remote web server to crash or execute arbitary code on it.

Affected Products

Remote Web server may be vulnerable to format string attacks on HTTP 1.0 header value.

Impact

This vulnerability may allow an attacker to execute arbitrary code on the victim's machine.

Recommended Actions

Verify your web server is not vulnerable to this type of attack. Upgrade the software.

CVE References

CVE-2007-3316

Other References

1