5

CVE-2014-2668

Exploit
Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheCouchdb Version <= 1.5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 22.29% 0.974
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-updates/2014-04/msg00039.html
http://packetstormsecurity.com/files/125889
http://secunia.com/advisories/57572
Vendor Advisory
http://www.exploit-db.com/exploits/32519
Exploit
http://www.securityfocus.com/bid/66474
Exploit
http://www.securitytracker.com/id/1029967
https://exchange.xforce.ibmcloud.com/vulnerabilities/92161