CVE Reference: CVE-2009-4875

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2009-4875

Description:
FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/51738

SAID
  Secunia Advisory: SA35870

OSVDB
  56060

CONFIRM
  http://dev.fckeditor.net/ticket/3902
  http://java.fckeditor.net/changes-report.html#a2.4.2
  http://sourceforge.net/project/shownotes.php?release_id=697258

BID
  35709


Return to the previous page.