Denial of Service Vulnerability in Moby NetSuite via Content-Length Header

Denial of Service Vulnerability in Moby NetSuite via Content-Length Header

CVE-2002-2258 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call.

Learn more about our Web Application Penetration Testing UK.