Bugtraq: [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

[CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos

From: Aditya K Sood <zeroknock () secniche org>
Date: Sat, 21 Jul 2007 00:12:24 -0700


Advisory :  JWIG   Context-Dependent  Template Calling Dos

CVE- 2007-3816

Dated : 12 July 2007

Vulnerable Software : BRICS, JWIG

Severity : Intermediate

Explanation:

JWIG might allow context-dependent attackers to cause a denial ofservice (service degradation) via loops of

references to external templates. For more details :

http://www.secniche.org/papers/HackAnnotationsInJWIG.pdf

Links:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3816
http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-3816


Regards
Aditya K Sood
SecNiche Security

By Date By Thread

Current thread:

[CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos Aditya K Sood (Jul 19)
- Message not available
  - Re: [WEB SECURITY] [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos Pranay Kanwar (Jul 23)