Vulnerabilities > CVE-2004-2164 - Denial Of Service vulnerability in Virtual Programming Vp-Asp 5.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

virtual-programming

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).

Vulnerable Configurations

Part	Description	Count
Application	Virtual_Programming Virtual Programming VP ASP 5.0	1

References

http://secunia.com/advisories/12611
http://www.osvdb.org/10071
http://www.securityfocus.com/bid/11228
http://www.securitytracker.com/alerts/2004/Sep/1011359.html
http://www.vpasp.com/virtprog/info/faq_securityfixes.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/17436