Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitrary code via a long If-Modified-Since header to (1) xigui32.exe or (2) xitami.exe.
https://www.exploit-db.com/exploits/4450
https://exchange.xforce.ibmcloud.com/vulnerabilities/36756