mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
98 lines
3.2 KiB
JSON
98 lines
3.2 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2009-5024",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "ViewVC before 1.1.11 allows remote attackers to bypass the cvsdb row_limit configuration setting, and consequently conduct resource-consumption attacks, via the limit parameter, as demonstrated by a \"query revision history\" request."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "[oss-security] 20110519 CVE Request: viewvc DoS",
|
|
"refsource" : "MLIST",
|
|
"url" : "http://openwall.com/lists/oss-security/2011/05/19/1"
|
|
},
|
|
{
|
|
"name" : "[oss-security] 20110519 Re: CVE Request: viewvc DoS",
|
|
"refsource" : "MLIST",
|
|
"url" : "http://openwall.com/lists/oss-security/2011/05/19/9"
|
|
},
|
|
{
|
|
"name" : "http://viewvc.tigris.org/issues/show_bug.cgi?id=433",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://viewvc.tigris.org/issues/show_bug.cgi?id=433"
|
|
},
|
|
{
|
|
"name" : "http://viewvc.tigris.org/source/browse/*checkout*/viewvc/tags/1.1.11/CHANGES",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://viewvc.tigris.org/source/browse/*checkout*/viewvc/tags/1.1.11/CHANGES"
|
|
},
|
|
{
|
|
"name" : "http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/cvsdb.py?diff_format=u&view=log#rev2547",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/cvsdb.py?diff_format=u&view=log#rev2547"
|
|
},
|
|
{
|
|
"name" : "http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/viewvc.py?diff_format=u&r1=2547&r2=2546&pathrev=2547",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/viewvc.py?diff_format=u&r1=2547&r2=2546&pathrev=2547"
|
|
},
|
|
{
|
|
"name" : "DSA-2563",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2012/dsa-2563"
|
|
},
|
|
{
|
|
"name" : "47928",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/47928"
|
|
}
|
|
]
|
|
}
|
|
}
|