Re: CVE request: TYPO3-EXT-SA-2014-013

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Can I get one 2014 CVE for following TYPO3 extension issue
>
> It has been discovered that the extension "Calendar Base" (cal) is
> susceptible to Denial of Service.
>
> Affected Versions: all versions of 0.x.x, 1.0.x, 1.1.x, 1.2.x, 1.3.x, 1.4.x;
> 1.5.8 and below of 1.5.x; 1.6.0
>
> Suggested CVSS v2.0: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C
>
> User input is passed to PHP's PCRE library without validating it
> beforehand. Depending on user input this may consume a tremendous
> amount of system resources.

Use CVE-2014-8325.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUQWlKAAoJEKllVAevmvmsrtcH/Rs3NVD3MTD/Ze4pOYtV//TR
VdmlhkerVpCCXeUslctYqZJGrbawXjFXsBSx8V/WC4pipZjBG3fcLCZK0w33AdVo
oM7voFeCoC4FXAz37+WxqPxan0nqL8qeD7vQuAfPxhZye2iKoF2Gvis1AmQl/i7C
Nsrun0Q0obhEir4r7X0Tapzo6wNBHvw3GSllOHA38Z6rRqV4oDU4b0Tb0FMR15do
JEqwvvd6/HRLPsEt/UxpRJm8gissMCk1v6EGQItFSMAWF749/heLaqBHYTiJCwDm
CH7kb6fqNibex3fmhZNOdbV/7WAsYqpDiBlIyWwjVOdD4k44/hqpi27shIkkWHA=
=yE62
-----END PGP SIGNATURE-----