CVE-2008-1700

Exploit

EPSS 0.7%
Veröffentlicht 08.04.2008 18:05:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Interwoven ≫ Worksite Web Version <= 8.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.7%	0.696

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf

Exploit

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/41757

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2008-1700

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1700

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1700

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2008-1700