ID CVE-2007-6349
Summary P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0.
References
Vulnerable Configurations
  • cpe:2.3:a:perforce:p4web:2006.1:*:*:*:*:*:*:*
    cpe:2.3:a:perforce:p4web:2006.1:*:*:*:*:*:*:*
  • cpe:2.3:a:perforce:p4web:2006.2:*:*:*:*:*:*:*
    cpe:2.3:a:perforce:p4web:2006.2:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 15-10-2018 - 21:52)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 26806
bugtraq 20071218 SYMSA-2007-015
misc http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-015.txt
osvdb 39297
secunia 28158
sreason 3476
xf p4web-contentlength-dos(39142)
Last major update 15-10-2018 - 21:52
Published 20-12-2007 - 23:46
Last modified 15-10-2018 - 21:52
Back to Top