CVE-2007-4337

EPSS 3.4%

streamripper - potential code execution

Published: 8/14/2007Modified: 4/28/2026

Description

Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124.

Affected packages (2)

Debian/streamripperfrom 0, < 1.62.2-1
Debian/streamripperfrom 0, < 1.61.27-1+etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-4337