Lucene search

[email protected]CVE-2004-0245

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0245

2004-11-2305:00:00

[email protected]

web.nvd.nist.gov

web crossing

cve-2004-0245

denial of service

dos

http post

security vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.1 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

90.9%

JSON

Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero.

Affected configurations

NVD

Node

web_crossing_incweb_crossingMatch4.0

web_crossing_incweb_crossingMatch5.0

CPENameOperatorVersion
web_crossing_inc:web_crossingweb crossing inc web crossingeq4.0
web_crossing_inc:web_crossingweb crossing inc web crossingeq5.0

CPE	Name	Operator	Version
web_crossing_inc:web_crossing	web crossing inc web crossing	eq	4.0
web_crossing_inc:web_crossing	web crossing inc web crossing	eq	5.0

References

marc.info/?l=bugtraq&m=107586518120516&w=2

www.securityfocus.com/bid/9576

exchange.xforce.ibmcloud.com/vulnerabilities/15022

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.1 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

90.9%

JSON

Related for CVE-2004-0245

cvelist1 nvd1