Published: 30/06/2003 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vignette content suite 6.0
vignette storyserver 4.0
vignette storyserver 4.1
vignette vignette 5.0
vignette storyserver 4.2
vignette storyserver 5.0

source: wwwsecurityfocuscom/bid/7684/info Vignette is prone to an issue which may expose the contents of memory to remote attackers This condition is due to a flaw in how StoryServer calculates the size of certain characters in URI variables, which may cause data from adjacent memory to be returned to the remote attacker in the response ...

source: wwwsecurityfocuscom/bid/7296/info It has been reported that Vignette StoryServer, under some circumstances may reveal stack memory content If a specially crafted request is made for a page that accepts user-supplied data an error state may be triggered If the attack is successful a dump of the current stack contents will be ret ...

NVD-CWE-Other http://www.s21sec.com/es/avisos/s21sec-018-en.txt http://www.iss.net/security_center/static/12075.php http://www.securityfocus.com/bid/7684 http://marc.info/?l=bugtraq&m=105405985126857&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/22646/

CVE-2003-0400

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect