CVE-1999-1417

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Aug 23, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1417 is a format string vulnerability affecting the AnswerBook2 (AB2) web server's dwhttpd 3.1a4 version. This issue allows remote attackers to cause a denial of service and potentially execute arbitrary commands by manipulating encoded % characters within HTTP requests. The server mishandles these characters during logging, leading to this security weakness.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlXIA
https://www.cve.org/CVERecord?id=CVE-1999-1417
https://nvd.nist.gov/vuln/detail/CVE-1999-1417

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-1999-1417

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations