The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 attempts to parse query strings that contain (1) non-printing characters, (2) certain printing characters that do not commonly occur in URLs, or (3) invalid URL encoding sequences, which has unknown impact and remote attack vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-26T23:00:00

Updated: 2024-08-07T14:14:13.325Z

Reserved: 2007-06-26T00:00:00

Link: CVE-2007-3422

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-06-26T23:30:00.000

Modified: 2024-11-21T00:33:12.373

Link: CVE-2007-3422

cve-icon Redhat

No data.