Lucene search
HistoryMar 26, 2006 - 10:02 p.m.
CVE-2006-1387
cve-2006-1387
twiki
4.0
4.0.1
20010901
20040904
denial of service
include by url
6.8 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
76.5%
TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service (infinite recursion leading to CPU and memory consumption) via INCLUDE by URL statements that form a loop, such as a page that includes itself.
Affected configurations
Node
twikitwikiMatch4.0
ORtwikitwikiMatch4.0.1
ORtwikitwikiMatch2001-09-01
ORtwikitwikiMatch2001-12-01
ORtwikitwikiMatch2003-02-01
ORtwikitwikiMatch2004-09-01
ORtwikitwikiMatch2004-09-02
ORtwikitwikiMatch2004-09-03
ORtwikitwikiMatch2004-09-04
Related
prion
prion
Code injection
2006-03-26 22:02:00
nvd
nvd
CVE-2006-1387
2006-03-26 22:02:00
cvelist
cvelist
CVE-2006-1387
2006-03-26 22:00:00
ubuntucve
ubuntucve
CVE-2006-1387
2006-03-26 00:00:00
6.8 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
76.5%
Related for CVE-2006-1387