5

CVE-2015-0248

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheSubversion Version1.6.0
ApacheSubversion Version1.6.1
ApacheSubversion Version1.6.2
ApacheSubversion Version1.6.3
ApacheSubversion Version1.6.4
ApacheSubversion Version1.6.5
ApacheSubversion Version1.6.6
ApacheSubversion Version1.6.7
ApacheSubversion Version1.6.8
ApacheSubversion Version1.6.9
ApacheSubversion Version1.6.10
ApacheSubversion Version1.6.11
ApacheSubversion Version1.6.12
ApacheSubversion Version1.6.13
ApacheSubversion Version1.6.14
ApacheSubversion Version1.6.15
ApacheSubversion Version1.6.16
ApacheSubversion Version1.6.17
ApacheSubversion Version1.6.18
ApacheSubversion Version1.6.19
ApacheSubversion Version1.6.20
ApacheSubversion Version1.6.21
ApacheSubversion Version1.6.23
ApacheSubversion Version1.7.0
ApacheSubversion Version1.7.1
ApacheSubversion Version1.7.2
ApacheSubversion Version1.7.3
ApacheSubversion Version1.7.4
ApacheSubversion Version1.7.5
ApacheSubversion Version1.7.6
ApacheSubversion Version1.7.7
ApacheSubversion Version1.7.8
ApacheSubversion Version1.7.9
ApacheSubversion Version1.7.10
ApacheSubversion Version1.7.11
ApacheSubversion Version1.7.12
ApacheSubversion Version1.7.13
ApacheSubversion Version1.7.14
ApacheSubversion Version1.7.15
ApacheSubversion Version1.7.16
ApacheSubversion Version1.7.17
ApacheSubversion Version1.7.18
ApacheSubversion Version1.7.19
ApacheSubversion Version1.8.0
ApacheSubversion Version1.8.1
ApacheSubversion Version1.8.2
ApacheSubversion Version1.8.3
ApacheSubversion Version1.8.4
ApacheSubversion Version1.8.5
ApacheSubversion Version1.8.6
ApacheSubversion Version1.8.7
ApacheSubversion Version1.8.8
ApacheSubversion Version1.8.9
ApacheSubversion Version1.8.10
ApacheSubversion Version1.8.11
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
AppleXCode Version7.0
OracleSolaris Version11.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.84% 0.958
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Third Party Advisory
https://security.gentoo.org/glsa/201610-05
http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
Mailing List
https://support.apple.com/HT205217
Third Party Advisory
http://www.ubuntu.com/usn/USN-2721-1
http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:192
Broken Link
http://rhn.redhat.com/errata/RHSA-2015-1633.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1742.html
http://subversion.apache.org/security/CVE-2015-0248-advisory.txt
Vendor Advisory
http://www.debian.org/security/2015/dsa-3231
http://www.securityfocus.com/bid/74260
http://www.securitytracker.com/id/1033214