1. CVE-Search
  2. CVE-2011-1952
ID CVE-2011-1952
Summary common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service (infinite loop) via malformed HTML markup, as demonstrated by an a< sequence.
References
Vulnerable Configurations
  • cpe:2.3:a:postrev:post_revolution:0.6.2:beta:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.6.2:beta:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.6.3:beta:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.6.3:beta:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.7.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.7.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.7.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.7.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.7.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.7.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.7.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.7.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.8.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.8.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:0.8.0b:*:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:0.8.0b:*:*:*:*:*:*:*
  • cpe:2.3:a:postrev:post_revolution:*:*:*:*:*:*:*:*
    cpe:2.3:a:postrev:post_revolution:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 09-10-2018 - 19:32)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 47967
bugtraq 20110601 Post Revolution 0.8.0c Multiple Remote Vulnerabilities
confirm http://postrev.com.ar/verpost.php?id_noticia=59
misc http://javierb.com.ar/2011/06/01/postrev-vunls/
sreason 8270
Last major update 09-10-2018 - 19:32
Published 06-06-2011 - 19:55
Last modified 09-10-2018 - 19:32
Back to Top