CVE-2013-5512 Information

Description

Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46) 8.3.x before 8.3(2.39) 8.4.x before 8.4(5.5) 8.5.x before 8.5(1.18) 8.6.x before 8.6(1.12) 8.7.x before 8.7(1.4) 9.0.x before 9.0(1.4) and 9.1.x before 9.1(1.2) in certain conditions involving the spoof-server option or ActiveX or Java response inspection allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response aka Bug ID CSCud37992.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5512