PT-2008-3244 · Autonomy · Worksite Web
Published
2008-04-08
·
Updated
2024-02-02
·
CVE-2008-1700
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
WorkSite Web versions 8.2 before SP1 P2
Description
The issue allows remote attackers to cause a denial of service, specifically memory consumption, via a large number of
SendNrlLink directives. This results in opening a separate window for each directive.Recommendations
For WorkSite Web versions 8.2 before SP1 P2, apply the SP1 P2 patch to resolve the issue. As a temporary workaround, consider restricting the number of
SendNrlLink directives to minimize the risk of exploitation.Exploit
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Worksite Web