CVE-2013-0486

2013-03-2712:23:00

CWE-399

[email protected]

web.nvd.nist.gov

ibm

domino

http server

memory leak

denial of service

cve-2013-0486

6.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

80.8%

JSON

Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.

CPENameOperatorVersion
ibm:lotus_dominoibm lotus dominoeq8.5.2.4
ibm:lotus_dominoibm lotus dominoeq8.5.1.1
ibm:lotus_dominoibm lotus dominoeq8.5.1.4
ibm:lotus_dominoibm lotus dominoeq8.5.2.2
ibm:lotus_dominoibm lotus dominoeq8.5.2.1
ibm:lotus_dominoibm lotus dominoeq8.5.1
ibm:lotus_dominoibm lotus dominoeq8.5.0.1
ibm:lotus_dominoibm lotus dominoeq8.5.3.0
ibm:lotus_dominoibm lotus dominoeq8.5.0
ibm:lotus_dominoibm lotus dominoeq8.5.1.2

CPE	Name	Operator	Version
ibm:lotus_domino	ibm lotus domino	eq	8.5.2.4
ibm:lotus_domino	ibm lotus domino	eq	8.5.1.1
ibm:lotus_domino	ibm lotus domino	eq	8.5.1.4
ibm:lotus_domino	ibm lotus domino	eq	8.5.2.2
ibm:lotus_domino	ibm lotus domino	eq	8.5.2.1
ibm:lotus_domino	ibm lotus domino	eq	8.5.1
ibm:lotus_domino	ibm lotus domino	eq	8.5.0.1
ibm:lotus_domino	ibm lotus domino	eq	8.5.3.0
ibm:lotus_domino	ibm lotus domino	eq	8.5.0
ibm:lotus_domino	ibm lotus domino	eq	8.5.1.2