CVE-2006-5467

CVSS v2.0 5 (Medium)

EPSS 20.60 % (96^th)

Affected Products 1

Advisories 7

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID.

Weaknesses

CWE-399: Resource Management Errors

Related CVEs

CVE-2006-6303

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2006-10-27 18:07:00
(18 years ago)
Updated Date: 2017-10-11 01:31:19
(7 years ago)

Affected Products

Yukihiro Matsumoto

Ruby

Configuration #1

		CPE23	From	Up To
	Yukihiro Matsumoto Ruby 1.8	cpe:2.3:a:yukihiro_matsumoto:ruby:1.8