PT-2014-3341 · Cxxtools · Cxxtools

Matthew Daley

Published

2014-01-26

Updated

2017-08-29

CVE-2013-7298

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions cxxtools versions prior to 2.2.1

Description The issue allows remote attackers to cause a denial of service, resulting in infinite recursion and a crash. This can be achieved by sending an HTTP query that contains double percent (%%) characters.

Recommendations For versions prior to 2.2.1, update to version 2.2.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2013-7298

MGASA-2014-0073

Affected Products

Cxxtools

PT-2014-3341 · Cxxtools · Cxxtools

CVE-2013-7298

Weakness Enumeration

Related Identifiers

Affected Products

References · 17