Vulnerabilities > CVE-2011-1952 - Resource Management Errors vulnerability in Postrev Post Revolution

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

postrev

CWE-399

NVD

Published: 2011-06-06

Updated: 2018-10-09

Summary

common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service (infinite loop) via malformed HTML markup, as demonstrated by an a< sequence.

Vulnerable Configurations

Part	Description	Count
Application	Postrev Postrev Post Revolution 0.6.2 Postrev Post Revolution 0.6.3 Postrev Post Revolution 0.6.4 Postrev Post Revolution 0.6.5 Postrev Post Revolution 0.6.6 Postrev Post Revolution 0.7.0 Postrev Post Revolution 0.8.0 Postrev Post Revolution 0.8.0B Postrev Post Revolution *	12

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Packetstorm

data source	https://packetstormsecurity.com/files/download/101893/postrevolution-xssxsrfdos.txt
id	PACKETSTORM:101893
last seen	2016-12-05
published	2011-06-01
reporter	Javier Bassi
source	https://packetstormsecurity.com/files/101893/Post-Revolution-0.8.0c-XSS-XSRF-Denial-Of-Service.html
title	Post Revolution 0.8.0c XSS / XSRF / Denial Of Service

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Packetstorm

References