CVE-2012-6330

Name of the Vulnerable Software and Affected Versions TWiki versions prior to 5.1.3 Foswiki versions 1.0.x through 1.0.10 Foswiki versions 1.1.x through 1.1.6

Description The issue allows remote attackers to cause a denial of service, specifically memory consumption, by exploiting the localization functionality. This is achieved by using a large integer in a %MAKETEXT% macro.

Recommendations For TWiki versions prior to 5.1.3, update to version 5.1.3 or later. For Foswiki versions 1.0.x through 1.0.10, update to a version outside of this range. For Foswiki versions 1.1.x through 1.1.6, update to a version outside of this range. As a temporary workaround, consider restricting the use of the %MAKETEXT% macro to minimize the risk of exploitation.