Launchpad.net

CVE 2013-7401

The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

See the CVE page on Mitre.org for more details.