fkie_nvd - fkie_cve-2015-1886

fkie_cve-2015-1886

Vulnerability from fkie_nvd

Published

2015-04-27 11:59

Modified

2024-11-21 02:26

Severity ?

Summary

The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1PI37356
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21701566	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/74216	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1032189	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1PI37356
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21701566	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/74216	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032189	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
ibm	websphere_portal	6.1.0.0
ibm	websphere_portal	6.1.0.1
ibm	websphere_portal	6.1.0.2
ibm	websphere_portal	6.1.0.3
ibm	websphere_portal	6.1.0.4
ibm	websphere_portal	6.1.0.5
ibm	websphere_portal	6.1.0.6
ibm	websphere_portal	6.1.5.0
ibm	websphere_portal	6.1.5.1
ibm	websphere_portal	6.1.5.2
ibm	websphere_portal	6.1.5.3
ibm	websphere_portal	7.0.0.0
ibm	websphere_portal	7.0.0.1
ibm	websphere_portal	7.0.0.2
ibm	websphere_portal	8.0.0.0
ibm	websphere_portal	8.0.0.1
ibm	websphere_portal	8.5.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6CA922-11EF-4315-A09A-B4A8937E4CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "526738D7-1AF8-4A8F-B833-BA0E35973A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D6BE9C-16FD-4FB4-8A87-56B42C246316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5B50CEA-AFC4-4B45-9954-519965237FC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0902AC0F-EA4D-4E65-A70A-15DE9B904B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D808F95D-C6BD-43EB-B16C-66449977BCFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D303B0B9-CDAB-409B-AE44-512D4791C36F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6ECEE98-B276-4ED6-AA5A-109EA57E9925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E4FF84B-A17F-464B-A718-67C44D2C69BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90EF7A4-8181-42C3-BB95-395D0DD94C14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F40E0F5-B964-4BDC-828E-7571619F7C5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D03AF20E-0C29-45A6-9B7F-8260D8D9E8BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests."
    },
    {
      "lang": "es",
      "value": "Remote Document Conversion Service (DCS) en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0.0 hasta 7.0.0.2 CF29, 8.0.0 hasta 8.0.0.1 CF16, y 8.5.0 hasta CF05 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de solicitudes manipuladas."
    }
  ],
  "id": "CVE-2015-1886",
  "lastModified": "2024-11-21T02:26:20.540",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-04-27T11:59:05.110",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI37356"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701566"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/74216"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI37356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/74216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032189"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2015-1886

Vulnerability from cvelistv5

Published

2015-04-24 23:00

Modified

2024-08-06 04:54