URL: <http://savannah.nongnu.org/bugs/?32014>
Summary: CVE-2010-1677: DoS when processing html messages with deep tag nesting Project: MHonArc Submitted by: ehood Submitted on: Thu 30 Dec 2010 02:45:51 PM CST Category: MIME Filter Severity: 6 - Security Item Group: Undesired Behavior Status: In Progress Privacy: Private Assigned to: ehood Open/Closed: Open Discussion Lock: Any Operating System: All Perl Version: All Component Version: 2.6.16 Fixed Release: _______________________________________________________ Details: If a malformed HTML message contains something like the following: <bo<bo<bo<bo<body>dy>dy>dy>dy> But to a much larger extent, will cause mhonarc to consume a alot of CPU resources to strip out the data. _______________________________________________________ Reply to this item at: <http://savannah.nongnu.org/bugs/?32014> _______________________________________________ Message sent via/by Savannah http://savannah.nongnu.org/ --------------------------------------------------------------------- To sign-off this list, send email to majord...@mhonarc.org with the message text UNSUBSCRIBE MHONARC-DEV