The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.
References
Link | Resource |
---|---|
http://seclists.org/oss-sec/2013/q4/317 | |
http://www.securityfocus.com/bid/63705 | |
https://drupal.org/node/2134409 | Patch |
https://drupal.org/node/2134413 | Patch |
https://drupal.org/node/2135273 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-06-09T19:00:00
Updated: 2014-06-09T18:57:01
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4599
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-06-09T19:55:09.600
Modified: 2014-06-25T16:59:03.427
Link: CVE-2013-4599
JSON object: View
Redhat Information
No data.
CWE