Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2438

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-2438
Last Modified 17 Aug 2013 02:44:56
Published 26 Nov 2012 07:45:22
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2438

Summary

ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php.

Vulnerable Systems

Application

  • Awcm-cms Ar Web Content Manager 2.2


References

BUGTRAQ - 20121108 Vulnerability Report on AWCM 2.2

XF - awcm-database-sec-bypass(79927)

MISC - http://packetstormsecurity.org/files/117975/AWCM-2.2-Access-Bypass.html


Last Updated: 27 May 2016 11:02:47