NVD

Id
8015  
Name
CVE-2011-1027  
Description
Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, as demonstrated by a %gg sequence.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-07  
Published
2011-03-19  
Modified Date
2011-09-06  
Seq
2011-1027  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
45664 8015 CVE-2011-1027 [git] 20110305 [ANNOUNCE] CGIT 0.8.3.5  View
45665 8015 CVE-2011-1027 http://hjemli.net/git/cgit/commit/?h=stable&id=fc384b16fb9787380746000d3cea2d53fccc548e  View
45666 8015 CVE-2011-1027 FEDORA-2011-2803  View
45667 8015 CVE-2011-1027 FEDORA-2011-2815  View
45668 8015 CVE-2011-1027 FEDORA-2011-2790  View
45669 8015 CVE-2011-1027 [oss-security] 20110307 cgit convert_query_hexchar infinite loop (CVE-2011-1027)  View
45670 8015 CVE-2011-1027 46756  View
45671 8015 CVE-2011-1027 ADV-2011-0667  View
45672 8015 CVE-2011-1027 cgit-convertqueryhexchar-dos(65919)  View
45673 8015 CVE-2011-1027 https://bugzilla.redhat.com/show_bug.cgi?id=680905  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
34056 JVNDB-2011-004298 cgit の convert_query_hexchar 関数におけるサービス運用妨害 (DoS) の脆弱性 cgit の cgit.cgi の html.c の convert_query_hexchar 関数には、一つずれエラーが発生するため、サービス運用妨害 (無限ループ) 状態となる脆弱性が存在します。 CVE-2011-1027 48934 CVE-2011-1027 8015 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004298.html 2011-03-19 2012-03-27 View