Published:2005/07/28 Last Updated:2008/05/21
JVN#29273468
QRcode Perl CGI & PHP script vulnerable to denial of service attack
Overview
QRcode Perl CGI & PHP script, a QR code image generation tool, contains a vulnerability that may cause excessive consumption of server resources. Upon a specific request, resources of a server could be excessively comsumed until the server becomes unable to respond to requests from clients, which could also affect other processes running on the server.
Products Affected
- QRcode Perl/CGI & PHP script ver. 0.50f and earlier (including both Perl versions and PHP versions)
Description
Impact
A remote attacker may cause a denial of service (DoS) attack.
Solution
References
JPCERT/CC Addendum
Credit
Tomohito Yoshino of Business Architects Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports |
JPCERT-WR-2005-3001 JPCERT/CC REPORT 2005-08-03 |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2005-000778 |