Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1700

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1700
Last Modified 29 Jul 2009 12:00:00
Published 08 Apr 2008 02:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1700

Summary

The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.

Vulnerable Systems

Application

  • Interwoven Worksite Web 8.2


References

XF - worksiteweb-webtransferctrl-imanfile-dos(41757)

MISC - http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf


Last Updated: 27 May 2016 10:47:38