VWE-2010-0110 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2010-0110
This page is a chapter in Info Known Vulnerabilities

This page has been seen 194,369 times.

- Created by
  dianiz
  on April 18, 2015
  
  Last updated by
  pegasus
  on February 16, 2017

Common Name Overlimit Vulnerability
VWE-ID VWE-2010-0110
Related Report None
Severity Extreme
Exploit Difficulty EASY
Platform Affects all platforms supported by the vulnerable versions.
Description Denial of Service Amplification.

Discovered September 17, 2010 / April 8, 2015
Resolved As discovered April 8, 2015, patch provided September 30, 2010 did not successfully resolve the issue.
Patches Available Update to an unaffected version of the 4.x series.
Workaround Update permissions so that no users can view any special pages or the history tab.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	Overlimit Vulnerability
VWE-ID	VWE-2010-0110
Related Report	None
Severity	Extreme
Exploit Difficulty	EASY
Platform	Affects all platforms supported by the vulnerable versions.
Description	Denial of Service Amplification.
Discovered	September 17, 2010 / April 8, 2015
Resolved	As discovered April 8, 2015, patch provided September 30, 2010 did not successfully resolve the issue.
Patches Available	Update to an unaffected version of the 4.x series.
Workaround	Update permissions so that no users can view any special pages or the history tab.