Required CVE Record Information
Description
Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria, text search, and the "any condition" match type.
References 6 Total
- openwall.com: [oss-security] 20130322 Re: CVE request: MantisBT text search query can crash site mailing-list
- https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7
- exchange.xforce.ibmcloud.com: mantisbt-filterapi-dos(83347) vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=924340
- http://www.mantisbt.org/bugs/view.php?id=15573
- securityfocus.com: 58626 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- openwall.com: [oss-security] 20130322 Re: CVE request: MantisBT text search query can crash site mailing-listx_transferred
- https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7 x_transferred
- exchange.xforce.ibmcloud.com: mantisbt-filterapi-dos(83347) vdb-entryx_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=924340 x_transferred
- http://www.mantisbt.org/bugs/view.php?id=15573 x_transferred
- securityfocus.com: 58626 vdb-entryx_transferred