CVE-2011-5035 in Fusion Middlewareinformação

Sumário

de MITRE

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

29/12/2011

Divulgação

29/12/2011

Moderação

aceite

Entrada

Relacionar

mostrar

CPE

pronto

CWE

CWE-20 (confirmado)

Exploração

Descarregar

CVSS

5.0 (NVD)

EPSS

0.68914

KEV

não

Atividades

muito baixo

Sector

Finance, Energy, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-5035
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-5035
CVE Details	https://www.cvedetails.com/cve/CVE-2011-5035/

◂ Voltar Visão Geral Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!