Full Disclosure mailing list archives
[CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos
From: Aditya K Sood <zeroknock () secniche org>
Date: Sat, 21 Jul 2007 00:12:24 -0700
Advisory : JWIG Context-Dependent Template Calling Dos CVE- 2007-3816 Dated : 12 July 2007 Vulnerable Software : BRICS, JWIG Severity : Intermediate Explanation: JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via loops of references to external templates. For more details : http://www.secniche.org/papers/HackAnnotationsInJWIG.pdf Links: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3816 http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-3816 Regards Aditya K Sood SecNiche Security _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos Aditya K Sood (Jul 19)
- Re: [WEB SECURITY] [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos Bubba Gump (Jul 21)
- Re: [WEB SECURITY] [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos Pranay Kanwar (Jul 21)
- Re: [WEB SECURITY] [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos Bubba Gump (Jul 21)