CVE-2013-1883 Information

Description

Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria text search and the \any condition\ match type.

Reference

http://www.mantisbt.org/bugs/view.php?id=15573 http://www.openwall.com/lists/oss-security/2013/03/22/2 http://www.securityfocus.com/bid/58626 https://bugzilla.redhat.com/show_bug.cgi?id=924340 https://exchange.xforce.ibmcloud.com/vulnerabilities/83347 https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7