Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
|
Embedthis
Subscribe
|
Appweb
Subscribe
|
|
Juniper
Subscribe
|
Ex2200
Subscribe
Ex2200-c
Subscribe
Ex2200-vc
Subscribe
Ex2300
Subscribe
Ex2300-24mp
Subscribe
Ex2300-24p
Subscribe
Ex2300-24t
Subscribe
Ex2300-48mp
Subscribe
Ex2300-48p
Subscribe
Ex2300-48t
Subscribe
Ex2300-c
Subscribe
Ex2300m
Subscribe
Ex3200
Subscribe
Ex3300
Subscribe
Ex3300-vc
Subscribe
Ex3400
Subscribe
Ex4200
Subscribe
Ex4200-vc
Subscribe
Ex4300
Subscribe
Ex4300-24p
Subscribe
Ex4300-24p-s
Subscribe
Ex4300-24t
Subscribe
Ex4300-24t-s
Subscribe
Ex4300-32f
Subscribe
Ex4300-32f-dc
Subscribe
Ex4300-32f-s
Subscribe
Ex4300-48mp
Subscribe
Ex4300-48mp-s
Subscribe
Ex4300-48p
Subscribe
Ex4300-48p-s
Subscribe
Ex4300-48t
Subscribe
Ex4300-48t-afi
Subscribe
Ex4300-48t-dc
Subscribe
Ex4300-48t-dc-afi
Subscribe
Ex4300-48t-s
Subscribe
Ex4300-48tafi
Subscribe
Ex4300-48tdc
Subscribe
Ex4300-48tdc-afi
Subscribe
Ex4300-mp
Subscribe
Ex4300-vc
Subscribe
Ex4300m
Subscribe
Ex4400
Subscribe
Ex4500
Subscribe
Ex4500-vc
Subscribe
Ex4550
Subscribe
Ex4550-vc
Subscribe
Ex4550\/vc
Subscribe
Ex4600
Subscribe
Ex4600-vc
Subscribe
Ex4650
Subscribe
Ex6200
Subscribe
Ex6210
Subscribe
Ex8200
Subscribe
Ex8200-vc
Subscribe
Ex8208
Subscribe
Ex8216
Subscribe
Ex9200
Subscribe
Ex9204
Subscribe
Ex9208
Subscribe
Ex9214
Subscribe
Ex9250
Subscribe
Ex9251
Subscribe
Ex9253
Subscribe
Junos
Subscribe
Mx
Subscribe
Mx10
Subscribe
Mx10000
Subscribe
Mx10003
Subscribe
Mx10008
Subscribe
Mx10016
Subscribe
Mx104
Subscribe
Mx150
Subscribe
Mx2008
Subscribe
Mx2010
Subscribe
Mx2020
Subscribe
Mx204
Subscribe
Mx240
Subscribe
Mx40
Subscribe
Mx480
Subscribe
Mx5
Subscribe
Mx80
Subscribe
Mx960
Subscribe
Ptx1000
Subscribe
Ptx1000-72q
Subscribe
Ptx10000
Subscribe
Ptx10001
Subscribe
Ptx10001-36mr
Subscribe
Ptx100016
Subscribe
Ptx10002
Subscribe
Ptx10002-60c
Subscribe
Ptx10003
Subscribe
Ptx10003 160c
Subscribe
Ptx10003 80c
Subscribe
Ptx10003 81cd
Subscribe
Ptx10004
Subscribe
Ptx10008
Subscribe
Ptx10016
Subscribe
Ptx3000
Subscribe
Ptx5000
Subscribe
Qfx10000
Subscribe
Srx100
Subscribe
Srx110
Subscribe
Srx1400
Subscribe
Srx1500
Subscribe
Srx210
Subscribe
Srx220
Subscribe
Srx240
Subscribe
Srx240h2
Subscribe
Srx240m
Subscribe
Srx300
Subscribe
Srx320
Subscribe
Srx340
Subscribe
Srx3400
Subscribe
Srx345
Subscribe
Srx3600
Subscribe
Srx380
Subscribe
Srx4000
Subscribe
Srx4100
Subscribe
Srx4200
Subscribe
Srx4600
Subscribe
Srx5000
Subscribe
Srx5400
Subscribe
Srx550
Subscribe
Srx550 Hm
Subscribe
Srx550m
Subscribe
Srx5600
Subscribe
Srx5800
Subscribe
Srx650
Subscribe
T1600
Subscribe
T320
Subscribe
T4000
Subscribe
T640
Subscribe
|
|
Oracle
Subscribe
|
Enterprise Communications Broker
Subscribe
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
| AND |
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2014-9515 | Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,". |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T13:55:04.212Z
Reserved: 2015-03-23T00:00:00
Link: CVE-2014-9708
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2015-03-31T14:59:07.313
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-9708
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses