[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77986

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-5984

Date: (C)2007-11-14   (M)2017-08-01
 
CVSS Score: 7.8Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."

Reference:
http://www.securityfocus.com/archive/1/archive/1/483592/100/0/threaded
BID-26410
SREASON-3360
OSVDB-45282
autoindex-index-dos(38437)
http://autoindex.sourceforge.net/change_log.html

CWE    1
CWE-20

© 2013 SecPod Technologies