CVE-2010-3476
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2010-3476
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2010-3476.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2010-3476
- Downstream
- Published
- 2010-09-20T22:00:04Z
- Modified
- 2025-04-11T00:51:21Z
- Summary
- [none]
- Details
-
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service (CPU consumption) via a large message, a different vulnerability than CVE-2010-2080.
- References
-
- http://otrs.org/advisory/OSA-2010-02-en/
- http://secunia.com/advisories/41381
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
- http://security-tracker.debian.org/tracker/CVE-2010-2080
- http://www.securityfocus.com/bid/43264
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61869