Lucene search

MitreCVE-2004-2164

HistoryJul 10, 2005 - 4:00 a.m.

CVE-2004-2164

2005-07-1004:00:00

mitre

web.nvd.nist.gov

cve-2004-2164

shoprestoreorder

vp-asp 5.0

database connection

denial of service

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON

shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).

Affected configurations

Nvd

Node

virtual_programmingvp-aspMatch5.0

VendorProductVersionCPE
virtual_programmingvp-asp5.0cpe:2.3:a:virtual_programming:vp-asp:5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
virtual_programming	vp-asp	5.0	cpe:2.3:a:virtual_programming:vp-asp:5.0:::::::*

References

secunia.com/advisories/12611

www.osvdb.org/10071

www.securityfocus.com/bid/11228

www.securitytracker.com/alerts/2004/Sep/1011359.html

www.vpasp.com/virtprog/info/faq_securityfixes.htm

exchange.xforce.ibmcloud.com/vulnerabilities/17436

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON

Related for CVE-2004-2164