WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle JRE Cryptographic Issues Vulnerability (CVE-2012-2739)

Description

Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Remediation

References

Related Vulnerabilities

Oracle Database Server CVE-2011-0793 Vulnerability (CVE-2011-0793)

WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.1)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33939)

Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7818)

PostgreSQL Other Vulnerability (CVE-2002-1642)

Severity

Medium

Classification

CVE-2012-2739

Tags

Missing Update Known Vulnerabilities