CVE-2015-10103 Vulnerability Details

  /     /     /  

CVE-2015-10103 Metadata Quick Info

CVE Published: 17/04/2023 | CVE Updated: 06/08/2024 | CVE Year: 2015
Source: VulDB | Vendor: InternalError503 | Product: Forget It
Status : PUBLISHED

---

CVE-2015-10103 Description

A vulnerability, which was classified as problematic, was found in InternalError503 Forget It up to 1.3. This affects an unknown part of the file js/settings.js. The manipulation of the argument setForgetTime with the input 0 leads to infinite loop. It is possible to launch the attack on the local host. Upgrading to version 1.4 is able to address this issue. The patch is named adf0c7fd59b9c935b4fd675c556265620124999c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-226119.

Metrics

CVSS Version: 3.1 | Base Score: 2.8 LOW
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-835
CWE Name: CWE-835 Infinite Loop
Source: InternalError503

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).