CVE-2007-3113
First published: Thu Jun 07 2007(Updated: )
Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| The Cacti Group Cacti | <=0.8.6i | |
| redhat/0.8.6j | <8. | 8. |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://mdessus.free.fr/?p=15
- http://bugs.cacti.net/view.php?id=955
- http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956
- http://secunia.com/advisories/25557
- https://bugzilla.redhat.com/show_bug.cgi?id=243592
- http://fedoranews.org/updates/FEDORA-2007-219.shtml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
- http://secunia.com/advisories/26872
- http://osvdb.org/37019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3112
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3113
- http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956&makepatch=1&diff_format=h
- collector/nvd-historical
- collector/nvd-index
- collector/redhat-bugzilla
- alias/CVE-2007-3113
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/the cacti group
- canonical/the cacti group cacti
- version/the cacti group cacti/0.8.6i
- package-manager/redhat