CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2008-3534
Linux Kernel < 2.6.26.1 - Denial of Service via tmpfs Inode Deletion
CVE-2008-0132
Pragma FortressSSH < 5.0 - Denial of Service via Long SSH Input
CVE-2007-20001 HIGH
StarWind iSCSI SAN < 3.5 - Denial of Service via Socket Exhaustion
CVSS 7.5
CVE-2007-4725
7-zip < 4.42 - Stack Consumption via Long Filename in Archive
CVE-2007-2650
ClamAV < 0.90.3 - Denial of Service via OLE2 Parser
CVE-2007-1377
Adobe Acrobat Reader 8.0 - Denial of Service via Malformed PDF URL Anchor
CVE-2007-0086
Apache HTTP Server - Denial of Service via Range Header Fragment Multiplication
CVE-2006-7229 HIGH
Linux kernel 2.6.15 skge driver - Denial of Service via Network Traffic Flood
CVSS 7.5
CVE-2006-5648 MEDIUM
Ubuntu Linux 6.10 - Denial of Service via sys_get_robust_list and sys_set_robust_list
CVSS 5.5
CVE-2006-5649 MEDIUM
Ubuntu Linux 5.10, 6.06 LTS, and 6.10 - Denial of Service via Alignment Check Exception Handling
CVSS 5.5
CVE-2006-6017 MEDIUM
WordPress < 2.0.5 - Authenticated Denial of Service via Malformed Serialized Object
CVSS 6.5
CVE-2006-6025 HIGH
QUALCOMM Eudora WorldMail 4.0 - Denial of Service
CVSS 7.5
CVE-2006-5708 HIGH
MDaemon < 9.50 - Denial of Service via Memory Leak
CVSS 7.5
CVE-2006-1364 HIGH
ASP.NET < 1.1 - Denial of Service via COM Component Requests
CVSS 7.5
CVE-2005-2309
Opera 8.01 - Denial of Service via Crafted JPEG Image
CVE-2005-1260
bzip2 < 1.0.3 - Denial of Service via Decompression Bomb
CVE-2005-0738
Microsoft Exchange Server 2003 SP1 - Denial of Service via Deeply Nested Folder Deletion
CVE-2004-1201
Opera Browser < 7.54 - Denial of Service via Nested Array Sorting
CVE-2004-1464 MEDIUM KEV
Cisco IOS < 12.2(15)zj3 - Denial of Service via Crafted TCP Connection to Telnet Port
CVSS 5.9
CVE-2003-0714
Exchange Server 5.5 and 2000 - Denial of Service via SMTP Extended Verb Request
CVE-2002-20001 HIGH
Balasys Dheater < 16.1.4 - Denial of Service
CVSS 7.5
CVE-2002-1873
Microsoft Exchange 2000 - Denial of Service via Malformed MSRPC Calls
CVE-2002-1876
Microsoft Exchange 2000 - Authenticated Denial of Service via License Consumption
CVE-2002-0368
Microsoft Exchange Server 2000 - Denial of Service via Malformed RFC Message Attribute
CVE-2001-0827 HIGH
Cerberus FTP Server 1.0-1.5 - Denial of Service via PASV Request Flood
CVSS 7.5
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits