Design/Logic Flaw

2010-05-2618:30:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.033 Low

EPSS

Percentile

91.3%

JSON

FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains “ctrl” characters.

CPENameOperatorVersion
fckeditor.javaeq2.4

CPE	Name	Operator	Version
	fckeditor.java	eq	2.4

References

dev.fckeditor.net/ticket/3902

java.fckeditor.net/changes-report.html

secunia.com/advisories/35870

sourceforge.net/project/shownotes.php?release_id=697258

www.osvdb.org/56060

www.securityfocus.com/bid/35709

exchange.xforce.ibmcloud.com/vulnerabilities/51738