Executive Summary



This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary
Informations
Name CVE-2012-2739 First vendor Publication 2012-11-28
Vendor Cve Last vendor Modification 2012-11-28

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2739

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-310 Cryptographic Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 70
Application 68
Application 4

OpenVAS Exploits

Date Description
2012-12-04 Name : Oracle Java SE Hash Collision DoS Vulnerability (Windows)
File : nvt/gb_oracle_java_se_hash_collision_dos_vuln_win.nasl
2012-01-12 Name : Apache Tomcat Hash Collision Denial Of Service Vulnerability
File : nvt/gb_apache_tomcat_hash_collision_dos_vuln_win.nasl
2012-01-05 Name : Oracle GlassFish Server Hash Collision Denial of Service Vulnerability
File : nvt/gb_glassfish_hash_collision_dos_vuln.nasl
2012-01-03 Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win)
File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl
2011-12-30 Name : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
File : nvt/secpod_ms11-100.nasl

Nessus® Vulnerability Scanner

Date Description
2012-07-17 Name : The remote device has a denial of service vulnerability.
File : juniper_psn-2012-07-650.nasl - Type : ACT_GATHER_INFO
2012-03-19 Name : A web-based application running on the remote Windows host is affected by a d...
File : coldfusion_win_apsb12-06.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote web server is affected by a denial of service vulnerability
File : tomcat_5_5_35.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote web server is affected by a denial of service vulnerability.
File : tomcat_7_0_23.nasl - Type : ACT_GATHER_INFO
2011-12-29 Name : The version of ASP.NET Framework installed on the remote host is affected by ...
File : smb_nt_ms11-100.nasl - Type : ACT_GATHER_INFO
2011-12-12 Name : The remote web server is affected by multiple vulnerabilities.
File : tomcat_6_0_35.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CERT-VN http://www.kb.cert.org/vuls/id/903934
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=750533
MISC http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.ocert.org/advisories/ocert-2011-003.html
MLIST http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html
http://www.openwall.com/lists/oss-security/2012/06/15/12
http://www.openwall.com/lists/oss-security/2012/06/17/1

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Date Informations
2019-05-10 12:04:41
  • Multiple Updates
2018-10-30 12:05:04
  • Multiple Updates
2018-10-23 12:04:03
  • Multiple Updates
2018-07-25 12:03:10
  • Multiple Updates
2018-05-02 12:01:08
  • Multiple Updates
2018-02-06 01:01:37
  • Multiple Updates
2017-10-27 12:01:30
  • Multiple Updates
2017-08-17 12:05:22
  • Multiple Updates
2017-05-12 12:04:00
  • Multiple Updates
2017-02-11 12:00:45
  • Multiple Updates
2016-11-01 12:03:39
  • Multiple Updates
2016-08-05 12:03:46
  • Multiple Updates
2016-06-28 19:09:28
  • Multiple Updates
2016-04-26 21:52:02
  • Multiple Updates
2013-05-10 22:40:23
  • Multiple Updates
2012-11-28 21:19:57
  • Multiple Updates
2012-11-28 17:20:09
  • First insertion