Lucene search

[email protected]CVE-2006-6910

HistoryJan 09, 2007 - 11:00 a.m.

CVE-2006-6910

2007-01-0911:00:00

[email protected]

web.nvd.nist.gov

cve-2006-6910

formbankcgi.exe

fersch formbankserver 1.9

denial of service

remote attackers

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begins with Abfrage, allows remote attackers to cause a denial of service (daemon crash) via multiple requests containing many /…/ sequences in the Name parameter.

Affected configurations

NVD

Node

ferschformbankserverMatch1.9

CPENameOperatorVersion
fersch:formbankserverfersch formbankservereq1.9

CPE	Name	Operator	Version
fersch:formbankserver	fersch formbankserver	eq	1.9

References

secunia.com/advisories/23539

www.securityfocus.com/bid/21841

exchange.xforce.ibmcloud.com/vulnerabilities/31216

www.exploit-db.com/exploits/3056

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.4%

JSON

Related for CVE-2006-6910

nvd1 cvelist1