Red Hat Bugzilla – Bug 978482
CVE-2013-4199 plone: DoS by decompressing large zip archives (cb_decode.py, linkintegrity.py)
Last modified: 2015-08-22 11:19:21 EDT
A denial of service flaw was found in the way Plone, a user friendly and powerful content management system, used to previously expand certain zip archives. Remote attacker, authenticated Plone user could issue Zip archive expand request with specially-crafted archive that, when processed would lead to uncontrolled resources consumption (denial of service).
The CVE identifier of CVE-2013-4199 has been assigned to this issue:
Created plone tracking bugs for this issue:
Affects: epel-5 [bug 991015]