Buffer overflow in Cisco Web_security_virtual_appliance
CVE-2015-6290
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
Vulnerability class: Buffer Overflow
EPSS: 0.005 (65.5th percentile) — read the EPSS interpretation.
Affected products
- Cisco Web_security_virtual_appliance — versions 8.0.5, 8.0.6, 8.0.7
- N/a — versions n/a
Weakness classification (CWE)
References
- 20150909 Cisco Web Security Appliance Malformed HTTP Response Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 1033530 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
- 76687 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)