[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-2391Date: (C)2008-05-21   (M)2023-12-22


SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
http://www.securityfocus.com/archive/1/492233/100/0/threaded
SREASON-3898
http://www.codeplex.com/subsonic/WorkItem/View.aspx?WorkItemId=16112
http://www.portcullis-security.com/uplds/wildcard_attacks.pdf
subsonic-pagesize-dos(42562)

CWE    1
CWE-20

© SecPod Technologies