Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15191
HistoryJan 06, 2010 - 12:00 a.m.

MyBB adodb_mktime()日期参数远程拒绝服务漏洞

2010-01-0600:00:00
Root
www.seebug.org
13

EPSS

0.023

Percentile

89.7%

JSON

CVE ID:CVE-2009-4448

MyBB是一款流行的基于PHP的论坛程序。
MyBB inc/functions_time.php文件中包含的adodb_mktime()函数在处理部分日期值时存在漏洞,攻击者提交包含超大的year参数值的报文就会触发大量循环,导致CPU负载过高造成拒绝服务攻击。

MyBB 1.4.10
用户可参考如下安全公告获得补丁信息:
http://dev.mybboard.net/projects/mybb/repository/revisions/4613/diff/branches/1.4-stable/inc/functions_time.php

Related

cvelist 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2009-4448
2009-12-29 20:15:00
cve
cve
CVE-2009-4448
2009-12-29 20:41:20
prion
prion
Design/Logic Flaw
2009-12-29 20:41:00
nvd
nvd
CVE-2009-4448
2009-12-29 20:41:20

EPSS

0.023

Percentile

89.7%

JSON
Related for SSV:15191
cvelist1cve1prion1nvd1