|Improper Restriction of Operations within the Bounds of a Memory Buffer|
|Resource Management Errors|
|Vulnerability||Severity Score||Release Date||Summary|
|CVE-2014-3090||5.0||Sept. 23, 2014||
IBM Rational ClearCase 7.1 before 126.96.36.199, 8.0.0 before 188.8.131.52, and 8.0.1 before 184.108.40.206 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
|CVE-2014-3101||5.0||Sept. 23, 2014||
The login form in the Web component in IBM Rational ClearQuest 7.1 before 220.127.116.11, 8.0.0 before 18.104.22.168, and 8.0.1 before 22.214.171.124 does not insert a delay after a failed authentication attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.