The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-20... | |||
| [foswiki-announce] 20121212 Security Alert CVE-2012-6329... | |||
| 56950 |