CVE-2012-5499

Опубликовано: 06 нояб. 2012

Источник: redhat

CVSS2: 5

EPSS Низкий

Описание

python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.

It was discovered that Plone, included as a part of luci, did not properly handle the processing of very large values passed to an internal utility function. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive memory consumption.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	conga	Affected
Red Hat Enterprise Linux 5	conga	Fixed	RHSA-2014:1194	16.09.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=874657(Plone): Partial denial of service through internal function

EPSS

Процентиль: 75%

0.00887

Низкий

5 Medium

CVSS2

Связанные уязвимости

CVE-2012-5499

nvd

почти 11 лет назад

python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.

GHSA-wrf2-2rch-cmr9

CVSS3: 7.5

github

больше 3 лет назад

Plone is vulnerable to denial of service

ELSA-2014-1194

oracle-oval