Test Kennung:	1.3.6.1.4.1.25623.1.0.802681
Kategorie:	Denial of Service
Titel:	Oracle Java SE Hash Collision DoS Vulnerability - Windows
Zusammenfassung:	Oracle Java SE is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: Oracle Java SE is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to computes hash values without restricting the ability to trigger hash collisions predictably. Vulnerability Impact: Successful exploitation allows remote attackers to cause a denial of service condition via crafted input to an application that maintains a hash table. Affected Software/OS: Oracle Java SE 7 to 7 Update 5 Solution: Upgrade to Oracle Java SE version 7 Update 6 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2739 VU#903934 http://www.kb.cert.org/vuls/id/903934 [core-libs-dev] 20120522 Review Request CR#7118743 : Alternative Hashing for String with Hash-based Maps http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html [oss-security] 20120615 CVE request: java hashdos vulnerability http://www.openwall.com/lists/oss-security/2012/06/15/12 [oss-security] 20120616 Re: CVE request: java hashdos vulnerability http://www.openwall.com/lists/oss-security/2012/06/17/1 http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html https://bugzilla.redhat.com/show_bug.cgi?id=750533
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.