Vulnerabilities > CVE-2013-4599 - Resource Management Errors vulnerability in Misery Project Misery

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

misery-project

CWE-399

NVD

Published: 2014-06-09

Updated: 2024-11-21

Summary

The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.

Vulnerable Configurations

Part	Description	Count
Application	Misery_Project Misery Project Misery 7.X-2.0 Misery Project Misery 6.X-2.4 Misery Project Misery 6.X-2.1 Misery Project Misery 7.X-2.1 Misery Project Misery 6.X-2.2 Misery Project Misery 6.X-2.0 Misery Project Misery 6.X-2.3	7

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://seclists.org/oss-sec/2013/q4/317
http://seclists.org/oss-sec/2013/q4/317
http://www.securityfocus.com/bid/63705
http://www.securityfocus.com/bid/63705
https://drupal.org/node/2134409
https://drupal.org/node/2134409
https://drupal.org/node/2134413
https://drupal.org/node/2134413
https://drupal.org/node/2135273
https://drupal.org/node/2135273