CVE

Id
40710  
CVE No.
CVE-2009-3275  
Status
Candidate  
Description
Blocks/Common/Src/Configuration/Manageability/Adm/AdmContentBuilder.cs in Microsoft patterns & practices Enterprise Library (aka EntLib) allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of many (backslash) characters followed by a " (double quote), related to a certain regular expression, aka a "ReDoS" vulnerability.  
Phase
Assigned (20090921)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
446584 40710 CVE-2009-3275 BUGTRAQ:20090910 Regular Expression Denial of Service  View
446585 40710 CVE-2009-3275 URL:http://www.securityfocus.com/archive/1/archive/1/506419/100/0/threaded  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
45318 JVNDB-2009-006325 QNAP TS-239 Pro および TS-639 Pro における重要な情報を取得される脆弱性 QNAP TS-239 Pro および TS-639 Pro は、プレーンな CBC モードの AES-256 暗号手順を使って LUKS パーティションを作成するため、重要な情報を取得される脆弱性が存在します。 CVE-2009-3279 40710 4.9 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006325.html  View