CVE-2010-4594

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Mobile Connect
Vendor: CVE Published:; 22 December 2010

Summary

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests that trigger "queue size delta errors," related to a "timing hole" issue.

References

http://www-01.ibm.com/support/docview.wss?uid=swg27020327

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ75163

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 22, 2010