CVE-2012-6330

Published Jan 4, 2013

Last updated 3 months ago

CVSS info 5.0

Overview

Description: The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4D4B535-185E-4AE2-AFC1-212D520E859D",
            "versionEndIncluding": "5.1.2"
          },
          {
            "criteria": "cpe:2.3:a:twiki:twiki:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07BBEFE6-5F18-4663-B324-1C2A9AE9DBEE"
          },
          {
            "criteria": "cpe:2.3:a:twiki:twiki:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7962DD6F-7915-4790-BA93-7019014BD8F4"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF0B6551-9ED0-4D32-A9DC-C1167550ECED"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9280019F-EBB1-476A-BF19-B9B2FA5F929B"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBE5ADD0-893A-4E5E-AF4D-550562338FB8"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46521E63-4714-4464-AA2F-91E3DC892389"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "711FE886-F31B-4931-92A5-739001A8EFBA"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86B3A5FB-EF9D-443E-9626-00A0C157D779"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5C38025-5D6C-4862-879A-B6BB489AD9E0"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F126547D-222B-4671-93CF-4F8E0124DA8A"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA6EA3C8-6739-43D8-981D-D4A1799B5C9C"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CE81899-0502-4BFB-91B6-D5E321817022"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "345AD50C-E933-4311-9925-798302D121AA"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52934CA5-415D-4A65-9194-896012A1A2A0"
          },
          {
            "criteria": "cpe:2.3:a:foswiki:foswiki:1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DE21744-59DC-44C0-B33E-94942B1911DF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References