Lucene search
RedhatCVELIST:CVE-2012-2328HistoryFeb 10, 2014 - 5:00 p.m.
CVE-2012-2328
2014-02-1017:00:00
redhat
www.cve.org
internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.
References
lists.opensuse.org/opensuse-updates/2012-12/msg00015.html
lists.opensuse.org/opensuse-updates/2013-01/msg00038.html
rhn.redhat.com/errata/RHSA-2012-0987.html
sblim.cvs.sourceforge.net/viewvc/sblim/jsr48-client/src/org/sblim/cimclient/internal/cimxml/sax/NodeFactory.java?view=log#rev1.7
sourceforge.net/p/sblim/bugs/2381/
Related
nessus
nessus
RHEL 6 : sblim-cim-client2 (RHSA-2012:0987)
2012-06-20 00:00:00
Oracle Linux 6 : sblim-cim-client2 (ELSA-2012-0987)
2013-07-12 00:00:00
Scientific Linux Security Update : sblim-cim-client2 on SL6.x (20120620)
2012-08-01 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2012-0987)
2015-10-06 00:00:00
CentOS Update for sblim-cim-client2 CESA-2012:0987 centos6
2012-07-30 00:00:00
RedHat Update for sblim-cim-client2 RHSA-2012:0987-04
2012-06-22 00:00:00
prion
prion
Code injection
2014-02-10 18:15:00
cve
cve
CVE-2012-2328
2014-02-10 18:15:09
nvd
nvd
CVE-2012-2328
2014-02-10 18:15:09
centos
centos
sblim security update
2012-07-10 17:30:24
veracode
veracode
Hash Collision Attack
2019-01-15 08:52:54
oraclelinux
oraclelinux
sblim-cim-client2 security update
2012-06-27 00:00:00
redhat
redhat
(RHSA-2012:0987) Low: sblim-cim-client2 security update
2012-06-20 00:00:00