Phase:The AToZed IntraWeb component 8.0 and earlier for Borland Delphi and Kylix, and IntraWeb 9.0 before build (9.0.12), allows remote attackers to cause a denial of service (thread hang or CPU consumption) via a crafted HTTP request, related to the OnBeforeDispatch function in the TIWServerController object.
ReferencesBUGTRAQ:Tuesday, January 23, 2007 AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability | URL:http://www.securityfocus.com/archive/1/archive/1/457758/100/0/threaded | BUGTRAQ:Thursday, January 25, 2007 Re: AToZed Software Intraweb Component for Borland D
Votes:Assigned (Thursday, January 25, 2007)
Comments:None (candidate not yet proposed)
F7: