CVE-2012-2739
Published Nov 28, 2012
Last updated 12 years ago
Overview
- Description
- Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-310
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F20B2290-B3B8-41A1-AC5F-38CE0B2FD644",
"versionEndIncluding": "1.7.0"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301"
},
{
"criteria": "cpe:2.3:a:oracle:jre:*:update5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBD01453-4644-47A2-9FD5-7606CCB483F6",
"versionEndIncluding": "1.7.0"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E496C8B-BA28-4E4F-8168-10E623179DF9",
"versionEndIncluding": "1.7.0"
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A6505E4-8E6A-4888-8B9C-2B2C10546CB6"
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CA81243-2FC7-481B-AFD8-067E3EC9DF77"
}
],
"operator": "OR"
}
]
}
]