Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hashcash | hashcash | 1.15 |
| hashcash | hashcash | 1.14 |
| hashcash | hashcash | 1.16 |
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hashcash | hashcash | 1.15 |
| hashcash | hashcash | 1.07 |
| hashcash | hashcash | 1.01 |
| hashcash | hashcash | 1.18 |
| hashcash | hashcash | 1.12 |
| hashcash | hashcash | 1.17 |
| hashcash | hashcash | 1.05 |
| hashcash | hashcash | 1.10 |
| hashcash | hashcash | 1.03 |
| hashcash | hashcash | 1.02 |
| hashcash | hashcash | 1.04 |
| hashcash | hashcash | 1.06 |
| hashcash | hashcash | 1.11 |
| hashcash | hashcash | 1.14 |
| hashcash | hashcash | 1.08 |
| hashcash | hashcash | 1.16 |
| hashcash | hashcash | 1.00 |
| hashcash | hashcash | 1.13 |
| hashcash | hashcash | 1.19 |
| hashcash | hashcash | * |
| hashcash | hashcash | 1.09 |
PHP remote file inclusion vulnerability in server.php in the Hashcash Component (com_hashcash) 1.2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hashcash | hashcash | 1.2.1 |