Vulnerability Details CVE-2009-5072
Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.2%
CVSS Severity
CVSS v2 Score 4.0
References
Products affected by CVE-2009-5072
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.0
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.1
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.14
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.19
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.33
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.41
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.45
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.52
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.53
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.54
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.55
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.56
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.57
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.58
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.59
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.60
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.7
-
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.8