SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| loom_software | surfnow_standard | 2.0 |
| loom_software | surfnow_professional | 2.2 |
| loom_software | surfnow_professional | 1.2 |
| loom_software | surfnow_professional | 1.4 |
| loom_software | surfnow_professional | 2.0 |
| loom_software | surfnow_standard | 1.2 |
| loom_software | surfnow_standard | 1.6 |
| loom_software | surfnow_standard | 2.2 |
| loom_software | surfnow_professional | 2.1 |
| loom_software | surfnow_professional | 1.6 |
| loom_software | surfnow_standard | 2.1 |
| loom_software | surfnow_standard | 1.4 |
| loom_software | surfnow_professional | 1.5 |
| loom_software | surfnow_standard | 1.5 |