CVE-2015-1548 Information

Description

mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string which triggers an incorrect response size calculation and an out-of-bounds read.

Reference

http://itinsight.hu/en/posts/articles/2015-01-23-mini-httpd/ http://www.securityfocus.com/bid/73450