Denial of service - #VU387
Published: September 9, 2016 / Updated: September 9, 2016
Vulnerability identifier: #VU387
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: N/A
CWE-ID: CWE-400
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor:
Affected software:
Detailed vulnerability description
The vulnerability allows remote authenticated user to cause service to deny.
The vulnerability exists due to improper circulation of RTF resources. By allocation of new RTF resources while old resources weren't released, attackers can consume excessive resource spending and target service denial.
The vulnerability exists due to improper circulation of RTF resources. By allocation of new RTF resources while old resources weren't released, attackers can consume excessive resource spending and target service denial.
Successful exploitation of this vulnerability will allow a remote attacker to trigger vulnerable service denial.
Remediation
Update to version 11.23.1 or 13.11.1.