← Back

CVE-2010-4746

nvd nist
Published: Feb 23, 2011Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalization code and (2) pointer mishandling in the syntax normalization code, a different issue than CVE-2011-0019.

Affected (19)

Fedoraproject
1 product
389 Directory Server
Configuration A
19 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
389 Directory Server
Up to 1.2.7
389 Directory Server
Version 1.2.1
389 Directory Server
Version 1.2.2
389 Directory Server
Version 1.2.3
389 Directory Server
Version 1.2.5
389 Directory Server
Version 1.2.5 rc1
389 Directory Server
Version 1.2.5 rc2
389 Directory Server
Version 1.2.5 rc3
389 Directory Server
Version 1.2.5 rc4
389 Directory Server
Version 1.2.6.1
389 Directory Server
Version 1.2.6
389 Directory Server
Version 1.2.6 a2
389 Directory Server
Version 1.2.6 a3
389 Directory Server
Version 1.2.6 a4
389 Directory Server
Version 1.2.6 rc1
389 Directory Server
Version 1.2.6 rc2
389 Directory Server
Version 1.2.6 rc3
389 Directory Server
Version 1.2.6 rc6
389 Directory Server
Version 1.2.6 rc7

Related CWEs

CWE-399
CWE-399

References (4)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.