Vulnerability details: VCID-7u1r-49ad-aaaf
Vulnerability ID VCID-7u1r-49ad-aaaf
Aliases CVE-2007-4727
Summary Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow."
Status Published
Exploitability 0.5
Weighted Severity 6.1
Risk 3.0
System Score Found at
epss 0.21054 https://api.first.org/data/v1/epss?cve=CVE-2007-4727
epss 0.28285 https://api.first.org/data/v1/epss?cve=CVE-2007-4727
epss 0.29403 https://api.first.org/data/v1/epss?cve=CVE-2007-4727
epss 0.50438 https://api.first.org/data/v1/epss?cve=CVE-2007-4727
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2007-4727
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-4727

Exploit Prediction Scoring System (EPSS)
Percentile 0.95164
EPSS Score 0.21054
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.