CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 1CVE-2012-2739
https://notcve.org/view.php?id=CVE-2012-2739
Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. Oracle Java SE anteriores a 7 Update 6, y OpenJDK 7 anteriores a 7u6 build 12 y 8 anteriores a build 39, calculan los valores de hash sin restringir la posibilidad de provocar colisiones hash previsibles, lo que permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de CPU) a través de la manipulación de una entrada para la aplicación que mantiene la tabla de valores hash. • http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html http://www.kb.cert.org/vuls/id/903934 http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html http://www.openwall.com/lists/oss-security/2012/06/15/12 http://www.openwall.com/lists/oss-security/2012/06/17/1 https://bugzilla.redhat.com/show_bug.cgi?id=750533 • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2012-5373
https://notcve.org/view.php?id=CVE-2012-5373
Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash3 algorithm, a different vulnerability than CVE-2012-2739. Oracle Java SE 7 y anteriores, y OpenJDK 7 y anteriores, calcula los valores hash sin restringir la posibilidad de provocar colisiones hash previsibles, lo que permite a atacantes dependientes de contexto provocar una denegación de servicio (consumo de CPU) a través de la manipulación de una entrada a la aplicación que mantiene la tabla de valores hash, como se demostró con un ataque universal multicollision contra el algoritmo MurmurHash3, una vulnerabilidad diferente a CVE-2012-2739. • http://2012.appsec-forum.ch/conferences/#c17 http://asfws12.files.wordpress.com/2012/11/asfws2012-jean_philippe_aumasson-martin_bosslet-hash_flooding_dos_reloaded.pdf http://www.ocert.org/advisories/ocert-2012-001.html http://www.securityfocus.com/bid/56673 https://bugzilla.redhat.com/show_bug.cgi?id=880705 https://exchange.xforce.ibmcloud.com/vulnerabilities/80299 https://www.131002.net/data/talks/appsec12_slides.pdf • CWE-310: Cryptographic Issues •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0723 – LittleCms integer overflow
https://notcve.org/view.php?id=CVE-2009-0723
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de enteros en LittleCMS (también conocido como lcms o liblcms) anteriores a v1.18beta2, como el utilizado en Firefox v3.1beta, OpenJDK, y GIMP, permiten a atacantes dependientes de contexto ejecutar código arbitrario a través de un fichero de imagen manipulado, que provoca un desbordamiento de buffer basada en montículo. NOTA: algunos de estos detalles son obtenidos de información de terceras personas. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0733 – LittleCms lack of upper-bounds check on sizes
https://notcve.org/view.php?id=CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. Múltiples desbordamientos de búfer basados en pila en la función ReadSetOfCurves en LittleCMS (alias LCMS o liblcms) antes de la versión 1.18beta2, tal y como se usa en Firefox 3.1beta, OpenJDK, y GIMP, permiten ejecutar código arbitrario, a atacantes dependientes de contexto, a través de un archivo de imagen modificado con valores de enteros demasiado grandes en el (1) canal de entrada o (2) canal de salida, en relación con las funciones ReadLUT_A2B y ReadLUT_B2A. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0581 – LittleCms memory leak
https://notcve.org/view.php?id=CVE-2009-0581
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Fuga de memoria en versiones de LittleCMS (alias LCMS o liblcms) anteriores a la 1.18beta2, tal como se utiliza en Firefox 3.1beta, OpenJDK, y el GIMP, permite causar, a atacantes dependientes de contexto, una denegación de servicio (mediante consumo de memoria y caida de la aplicación) a través de un archivo de imagen debidamente modificado. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-401: Missing Release of Memory after Effective Lifetime •