CVE-2007-2506

by Fred · 03/05/2007

WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO.

Date published : 2007-05-03

http://www.securityfocus.com/bid/23778

http://www.securityfocus.com/archive/1/467375/100/0/threaded

CVE-2007-2506

Similar

Recent Posts

Categories

CVE-2007-2506

Share this:

Similar

Recent Posts

Categories

Tags