Vulnerability Description
Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrated by the PROTOS LDAPv3 test suite.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teamware | Teamware Office | 5.0 |
References
- http://ciac.llnl.gov/ciac/bulletins/l-116.shtmlPatchVendor Advisory
- http://www.cert.org/advisories/CA-2001-18.htmlThird Party AdvisoryUS Government Resource
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
- http://www.kb.cert.org/vuls/id/688960US Government Resource
- http://www.kb.cert.org/vuls/id/JPLA-4WESNAUS Government Resource
- http://ciac.llnl.gov/ciac/bulletins/l-116.shtmlPatchVendor Advisory
- http://www.cert.org/advisories/CA-2001-18.htmlThird Party AdvisoryUS Government Resource
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
- http://www.kb.cert.org/vuls/id/688960US Government Resource
- http://www.kb.cert.org/vuls/id/JPLA-4WESNAUS Government Resource
FAQ
What is CVE-2001-1317?
CVE-2001-1317 is a vulnerability with a CVSS score of 7.5 (HIGH). Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrat...
How severe is CVE-2001-1317?
CVE-2001-1317 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1317?
Check the references section above for vendor advisories and patch information. Affected products include: Teamware Teamware Office.