CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3277

DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs in datavault allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of an [ (open bracket) followed by many commas, related to a certain regular expression, aka a "ReDoS" vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.checkmarx.com/Upload/Documents/PDF/Checkmarx_OWASP_IL_2009_ReDoS.pdf
http://www.securityfocus.com/archive/1/506419/100/0/threaded
http://www.checkmarx.com/Upload/Documents/PDF/Checkmarx_OWASP_IL_2009_ReDoS.pdf
http://www.securityfocus.com/archive/1/506419/100/0/threaded

Products affected by CVE-2009-3277

Xenu By » Datavault » Version: Any

cpe:2.3:a:xenu_by:datavault:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3277

Products

Pricing

Contact Us