CVE-2007-0533

Name of the Vulnerable Software and Affected Versions AToZed IntraWeb component versions 8.0 and earlier AToZed IntraWeb component version 9.0 before build 9.0.12

Description The issue allows remote attackers to cause a denial of service, resulting in thread hang or CPU consumption, via a crafted HTTP request. This is related to the OnBeforeDispatch function in the TIWServerController object.

Recommendations For AToZed IntraWeb component versions 8.0 and earlier, update to a version later than 8.0. For AToZed IntraWeb component version 9.0, update to build 9.0.12 or later. As a temporary workaround, consider restricting access to the TIWServerController object until a patch is available.