CVE-2011-4610

Опубликовано: 31 янв. 2012

Источник: redhat

CVSS2: 5

EPSS Низкий

Описание

JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer."

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	tomcat5	Not affected
Red Hat Enterprise Linux 6	tomcat6	Not affected
Red Hat JBoss BRMS 5	Security	Affected
Red Hat JBoss Enterprise Web Server 1	tomcat5	Not affected
Red Hat JBoss Enterprise Web Server 1	tomcat6	Not affected
JBEWP 5 for RHEL 5	jbossweb	Fixed	RHSA-2012:0076	31.01.2012
JBEWP 5 for RHEL 6	jbossweb	Fixed	RHSA-2012:0076	31.01.2012
JBoss Communications Platform 5.1		Fixed	RHSA-2012:0078	31.01.2012
JBoss Enterprise BRMS Platform 5.1		Fixed	RHSA-2012:0325	22.02.2012
Red Hat JBoss Enterprise Application Platform 5.1		Fixed	RHSA-2012:0075	31.01.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=767871JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary

EPSS

Процентиль: 81%

0.01496

Низкий

5 Medium

CVSS2

Связанные уязвимости

CVE-2011-4610

nvd

почти 12 лет назад

CVE-2011-4610

debian

почти 12 лет назад

JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1 ...

GHSA-hh9c-c3q8-gv72

github

больше 3 лет назад

EPSS

Процентиль: 81%

0.01496

Низкий

5 Medium

CVSS2