CVE-2008-1700
WorkSite Web < 8.2 - Denial of Service via SendNrlLink Directives
Title source: llmDescription
The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41757
Broken Link, Exploit x_refsource_misc
http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf
Scores
EPSS
0.0131
EPSS Percentile
67.0%
Details
CWE
CWE-770
Status
published
Products (1)
interwoven/worksite_web
< 8.2
Published
Apr 08, 2008
Tracked Since
Feb 18, 2026