Mongoose OS CVE-2017-7185 Use After Free Denial of Service Vulnerability

Mongoose OS is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the server, resulting in a denial-of-service condition.

Information

Bugtraq ID: 97370
Class: Design Error
CVE: CVE-2017-7185

Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: COMPASS SECURITY.
Vulnerable:

Not Vulnerable:

References:

• Cesanta Homepage (Cesanta)
  
• CVE-2017-7185 - Mongoose OS - Use-after-free / Denial of Service (Seclists.org)
  
• Fix crash in multipart handling (Github)
  
• mongoose.c (Github)
  

Source: www.securityfocus.com