CVE-2013-0486

MEDIUM

Description

Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.

References

http://jvn.jp/en/jp/JVN51305555/index.html

http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000030.html

http://www-01.ibm.com/support/docview.wss?uid=swg21627597

https://exchange.xforce.ibmcloud.com/vulnerabilities/81812

Details

Source: MITRE

Published: 2013-03-27

Updated: 2017-08-29

Type: CWE-399

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
67192IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple VulnerabilitiesNessusWeb Servers
high