Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service (CPU consumption) via a large message, a different vulnerability than CVE-2010-2080.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2010-09-20 15:00
Updated : 2017-08-16 18:32
NVD link : CVE-2010-3476
Mitre link : CVE-2010-3476
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
otrs
- otrs