Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6349

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-6349
Last Modified 05 Sep 2008 05:33:01
Published 20 Dec 2007 06:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6349

Summary

P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0.

Vulnerable Systems

Application

  • Perforce P4web 2006.1

  • Perforce P4web 2006.2


References

BID - 26806

MISC - http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-015.txt

BUGTRAQ - 20071218 SYMSA-2007-015

SECUNIA - 28158

XF - p4web-contentlength-dos(39142)

OSVDB - 39297

SREASON - 3476


Last Updated: 27 May 2016 10:46:28