Lucene search

MitreCVE-2013-2564

HistoryJun 09, 2014 - 7:55 p.m.

CVE-2013-2564

2014-06-0919:55:09

CWE-399

mitre

web.nvd.nist.gov

mambo cms

4.6.5

vulnerability

denial of service

memory consumption

bandwidth consumption

crafted file

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

5.2

Confidence

High

EPSS

0.008

Percentile

81.3%

JSON

Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.

Affected configurations

Nvd

Node

mambo-foundationmambo_cmsMatch4.6.5

VendorProductVersionCPE
mambo-foundationmambo_cms4.6.5cpe:2.3:a:mambo-foundation:mambo_cms:4.6.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mambo-foundation	mambo_cms	4.6.5	cpe:2.3:a:mambo-foundation:mambo_cms:4.6.5:::::::*

References

packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txt

seclists.org/oss-sec/2013/q1/689

www.vapid.dhs.org/advisories/mambo_cms_4.6.5.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

5.2

Confidence

High

EPSS

0.008

Percentile

81.3%

JSON

Related for CVE-2013-2564