Lucene search
HistoryDec 30, 2011 - 1:55 a.m.
CVE-2011-5037
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
High
EPSS
0.005
Percentile
75.5%
Google V8 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, as demonstrated by attacks against Node.js.
Affected configurations
Node
googlev8
Related
cve
cve
CVE-2011-5037
2011-12-30 01:55:01
cvelist
cvelist
CVE-2011-5037
2011-12-30 01:00:00
prion
prion
Design/Logic Flaw
2011-12-30 01:55:00
ubuntucve
ubuntucve
CVE-2011-5037
2011-12-30 00:00:00
openvas
openvas
FreeBSD Ports: jruby
2012-02-12 00:00:00
FreeBSD Ports: jruby
2012-02-12 00:00:00
freebsd
freebsd
Multiple implementations -- DoS via hash algorithm collision
2011-12-28 00:00:00
nessus
nessus
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
High
EPSS
0.005
Percentile
75.5%
Related for NVD:CVE-2011-5037