The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.
References
Link | Resource |
---|---|
http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf | Broken Link Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41757 | Third Party Advisory VDB Entry |
Configurations
History
02 Feb 2024, 03:07
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:interwoven:worksite_web:*:*:*:*:*:*:*:* |
Information
Published : 2008-04-08 18:05
Updated : 2024-02-02 03:07
NVD link : CVE-2008-1700
Mitre link : CVE-2008-1700
CVE.ORG link : CVE-2008-1700
JSON object : View
Products Affected
interwoven
- worksite_web
CWE
CWE-770
Allocation of Resources Without Limits or Throttling