Description
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a characters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ET LoWNOISE · textdoscgi
https://www.exploit-db.com/exploits/20753
References (2)
Core 2
Core References
Exploit mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/176100
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2588
Scores
EPSS
0.0720
EPSS Percentile
91.6%
Details
Status
published
Products (8)
ibm/net.commerce
2.0
ibm/net.commerce
3.0
ibm/net.commerce
3.1
ibm/net.commerce
3.1.1
ibm/net.commerce
3.1.2
ibm/net.commerce_hosting_server
3.1.1
ibm/net.commerce_hosting_server
3.1.2
ibm/websphere_application_server
5.1.0.3
Published
Jul 02, 2001
Tracked Since
Feb 18, 2026