5

CVE-2010-4746

Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalization code and (2) pointer mishandling in the syntax normalization code, a different issue than CVE-2011-0019.

Data is provided by the National Vulnerability Database (NVD)
Fedoraproject389 Directory Server Updatealpha3 Version <= 1.2.7
Fedoraproject389 Directory Server Version1.2.5 Updaterc1
Fedoraproject389 Directory Server Version1.2.5 Updaterc2
Fedoraproject389 Directory Server Version1.2.5 Updaterc3
Fedoraproject389 Directory Server Version1.2.5 Updaterc4
Fedoraproject389 Directory Server Version1.2.6 Updatea2
Fedoraproject389 Directory Server Version1.2.6 Updatea3
Fedoraproject389 Directory Server Version1.2.6 Updatea4
Fedoraproject389 Directory Server Version1.2.6 Updaterc1
Fedoraproject389 Directory Server Version1.2.6 Updaterc2
Fedoraproject389 Directory Server Version1.2.6 Updaterc3
Fedoraproject389 Directory Server Version1.2.6 Updaterc6
Fedoraproject389 Directory Server Version1.2.6 Updaterc7
Fedoraproject389 Directory Server Version1.2.6.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.47% 0.618
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P