Vulnerability Details CVE-2008-1700
The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.1%
CVSS Severity
CVSS v2 Score 7.1
References
- http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41757
- http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41757
Products affected by CVE-2008-1700
-
cpe:2.3:a:interwoven:worksite_web:*