Unrated severityNVD Advisory· Published Aug 14, 2007· Updated Apr 23, 2026
CVE-2007-4337
CVE-2007-4337
Description
Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124.
Affected products
6cpe:2.3:a:streamripper:streamripper:1.61.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:streamripper:streamripper:1.61.1:*:*:*:*:*:*:*
- cpe:2.3:a:streamripper:streamripper:1.61.17:*:*:*:*:*:*:*
- cpe:2.3:a:streamripper:streamripper:1.61.24:*:*:*:*:*:*:*
- cpe:2.3:a:streamripper:streamripper:1.61.25:*:*:*:*:*:*:*
- cpe:2.3:a:streamripper:streamripper:1.61.26:*:*:*:*:*:*:*
- cpe:2.3:a:streamripper:streamripper:1.62:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- sourceforge.net/project/shownotes.phpnvdPatch
- secunia.com/advisories/26406nvdVendor Advisory
- osvdb.org/39533nvd
- secunia.com/advisories/26814nvd
- secunia.com/advisories/33052nvd
- secunia.com/advisories/33061nvd
- security.gentoo.org/glsa/glsa-200709-03.xmlnvd
- streamripper.cvs.sourceforge.net/streamripper/sripper_1x/lib/http.cnvd
- www.debian.org/security/2008/dsa-1683nvd
- www.securityfocus.com/archive/1/476302/100/0/threadednvd
- www.securityfocus.com/bid/25278nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/2858nvd
News mentions
0No linked articles in our index yet.