Lucene search

[email protected]CVE-2006-2095

HistoryApr 29, 2006 - 10:02 a.m.

CVE-2006-2095

2006-04-2910:02:00

CWE-264

[email protected]

web.nvd.nist.gov

phex

denial of service

cve-2006-2095

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

JSON

Phex before 2.8.6 allows remote attackers to cause a denial of service (application hang) by initiating multiple chat requests to a single user and then logging off.

Affected configurations

NVD

Node

phexphexRange≤2.8.4

phexphexMatch2.0.0

phexphexMatch2.2

phexphexMatch2.2.2

phexphexMatch2.4

phexphexMatch2.4.2

phexphexMatch2.4.4

phexphexMatch2.6

phexphexMatch2.6.2

phexphexMatch2.6.4

phexphexMatch2.8

phexphexMatch2.8.2

CPENameOperatorVersion
phex:phexphexle2.8.4
phex:phexphexeq2.0.0
phex:phexphexeq2.2
phex:phexphexeq2.2.2
phex:phexphexeq2.4
phex:phexphexeq2.4.2
phex:phexphexeq2.4.4
phex:phexphexeq2.6
phex:phexphexeq2.6.2
phex:phexphexeq2.6.4

CPE	Name	Operator	Version
phex:phex	phex	le	2.8.4
phex:phex	phex	eq	2.0.0
phex:phex	phex	eq	2.2
phex:phex	phex	eq	2.2.2
phex:phex	phex	eq	2.4
phex:phex	phex	eq	2.4.2
phex:phex	phex	eq	2.4.4
phex:phex	phex	eq	2.6
phex:phex	phex	eq	2.6.2
phex:phex	phex	eq	2.6.4

Rows per page:

1-10 of 121

References

secunia.com/advisories/19824

sourceforge.net/project/shownotes.php?release_id=412751

www.vupen.com/english/advisories/2006/1560

exchange.xforce.ibmcloud.com/vulnerabilities/26124

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

JSON

Related for CVE-2006-2095

nvd1 cvelist1 prion1