CVE-2011-5035 in Fusion Middlewareinformazioni

Riassunto

di MITRE

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

29/12/2011

Divulgazione

29/12/2011

Moderazione

accettato

Voce

2

Collegare

mostrare

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.68914

KEV

no

Attività

molto basso

Settore

Education, Transportation, ...

Fonti

MITREhttps://www.cve.org/CVERecord?id=CVE-2011-5035
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2011-5035
CVE Detailshttps://www.cvedetails.com/cve/CVE-2011-5035/

PrecedenteVisione D'ensembleIl prossimo

Want to know what is going to be exploited?

We predict KEV entries!