CVE-2013-0494

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator versions 5.0 through 5.1

Description The issue allows remote attackers to cause a denial of service, consuming memory and CPU, by sending a crafted HTTP request. This can be achieved via a manipulated Range or Request-Range header.

Recommendations For IBM Sterling B2B Integrator versions 5.0 through 5.1, consider restricting access to the HTTP endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the Range and Request-Range headers in HTTP requests until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.