CVE-2010-4594 Information

Description

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 when HTTP Access Services (HTTP-AS) is enabled does not properly process TCP connection requests which allows remote attackers to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests that trigger \queue size delta errors\ related to a \timing hole\ issue.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ75163 http://www-01.ibm.com/support/docview.wss?uid=swg27020327