Vulnerability Description
The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opentext | Opentext Firstclass | 7.1 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0321.htmlVendor Advisory
- http://secunia.com/advisories/13415Vendor Advisory
- http://securitytracker.com/id?1012478
- http://www.osvdb.org/12350
- http://www.securityfocus.com/bid/11877Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18424
- http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0321.htmlVendor Advisory
- http://secunia.com/advisories/13415Vendor Advisory
- http://securitytracker.com/id?1012478
- http://www.osvdb.org/12350
- http://www.securityfocus.com/bid/11877Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18424
FAQ
What is CVE-2004-2496?
CVE-2004-2496 is a vulnerability with a CVSS score of 7.8 (HIGH). The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search.
How severe is CVE-2004-2496?
CVE-2004-2496 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2496?
Check the references section above for vendor advisories and patch information. Affected products include: Opentext Opentext Firstclass.