CVE

Id
25863  
CVE No.
CVE-2007-2506  
Status
Candidate  
Description
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO.  
Phase
Assigned (20070503)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
259588 25863 CVE-2007-2506 BUGTRAQ:20070501 Disable website access for sites running Webspeed  View
259589 25863 CVE-2007-2506 URL:http://www.securityfocus.com/archive/1/archive/1/467375/100/0/threaded  View
259590 25863 CVE-2007-2506 BUGTRAQ:20070502 response Progress: Denial of Service attack against WebSpeed possible  View
259591 25863 CVE-2007-2506 URL:http://www.securityfocus.com/archive/1/archive/1/467376/100/0/threaded  View
259592 25863 CVE-2007-2506 MISC:http://www.ishare.nl/  View
259593 25863 CVE-2007-2506 CONFIRM:http://progress.atgnow.com/esprogress/resultDisplay.do?gotoLink=115&docType=1006&clusterName=CombinedCluster&contentId=12&groupId=3&answerGroup=1&score=1932&page=http%3A%2F%2Fprogress.atgnow.com%2Fesprogress%2Fdocs%2FSolutions%2FProgress%2FESERVER_P123694.xhtml&result=0&excerpt=P123694  View
259594 25863 CVE-2007-2506 BID:23778  View
259595 25863 CVE-2007-2506 URL:http://www.securityfocus.com/bid/23778  View
259596 25863 CVE-2007-2506 OSVDB:35541  View
259597 25863 CVE-2007-2506 URL:http://osvdb.org/35541  View
259598 25863 CVE-2007-2506 SECUNIA:25129  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
56824 JVNDB-2007-005516 Trend Micro ServerProtect におけるスタックベースのバッファオーバーフローの脆弱性 Trend Micro ServerProtect には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2007-2508 25863 10 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005516.html  View