Unrated severityNVD Advisory· Published Dec 13, 2013· Updated Jun 17, 2026
CVE-2013-7039
CVE-2013-7039
Description
Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21cpe:2.3:a:gnu:libmicrohttpd:*:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:gnu:libmicrohttpd:*:*:*:*:*:*:*:*range: <=0.9.31
- cpe:2.3:a:gnu:libmicrohttpd:0.9.16:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.17:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.18:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.19:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.21:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.22:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.23:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.24:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.25:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.26:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.27:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.28:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.29:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:libmicrohttpd:0.9.30:*:*:*:*:*:*:*
- Range: <0.9.32
- osv-coords4 versionspkg:rpm/suse/libmicrohttpd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/libmicrohttpd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/libmicrohttpd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/libmicrohttpd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
< 0.9.30-5.1+ 3 more
- (no CPE)range: < 0.9.30-5.1
- (no CPE)range: < 0.9.30-5.1
- (no CPE)range: < 0.9.30-5.1
- (no CPE)range: < 0.9.30-5.1
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.