130 matches found
CVE-2007-0538
Telligent Community Server 2.1 and earlier allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to 1 a large file, which triggers a long download session without a timeout constraint; or 2 a file with a...
CVE-2007-0541
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...
Code injection
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...
CVE-2007-0540
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...
DEBIAN-CVE-2007-0541
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...
Design/Logic Flaw
The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...
CVE-2007-0540
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...
Design/Logic Flaw
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...
DEBIAN-CVE-2007-0539
The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...
Design/Logic Flaw
Telligent Community Server 2.1 and earlier allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to 1 a large file, which triggers a long download session without a timeout constraint; or 2 a file with a...
DEBIAN-CVE-2007-0540
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...
CVE-2007-0541
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...
CVE-2007-0540
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...
CVE-2007-0539
The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...
CVE-2007-0539
The CVE-2007-0539 entry concerns WordPress prior to 2.1, where the wp_remote_fopen function can be abused by remote pingback calls that reference a very large file. This triggers a long download session without a timeout, enabling a denial of service (bandwidth or thread consumption). Connected s...
CVE-2007-0540
CVE-2007-0540 corresponds to a DoS vulnerability in WordPress where remote attackers pingback service calls to a source URI that points to a binary-content file, which is downloaded but yields no usable pingback data. The connected sources confirm affected software (WordPress) and describe the im...
CVE-2007-0541
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...
CVE-2007-0540
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...
CVE-2007-0539
The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...
CVE-2007-0540
WordPress allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data...