Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9

Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...

Linux Distros Unpatched Vulnerability : CVE-2012-0840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions...

RHEL 5 : apr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apr: Out-of-bounds array deref in aprtimeexp functions CVE-2017-12613 - tables/aprhash.c in the Apache...

RHEL 4 : apr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apr: hash table collisions CPU usage DoS CVE-2012-0840 Note that Nessus has not tested for this issue but has inste...

SUSE CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

GLSA-201405-24 : Apache Portable Runtime, APR Utility Library: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201405-24 Apache Portable Runtime, APR Utility Library: Denial of Service Multiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for...

Fedora Update for apr FEDORA-2012-1709

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for apr FEDORA-2012-1656

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : apr-1.4.6-1.fc16 (2012-1709)

CVE-2012-0840 apr: hash table collisions CPU usage DoS Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Mandriva Update for apr MDVSA-2012:019 (apr)

Check for the Version of apr OpenVAS Vulnerability Test Mandriva Update for apr MDVSA-2012:019 apr Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...

CVE-2012-0840

CVE-2012-0840 affects the Apache Portable Runtime (APR) library, specifically tables/apr_hash.c, up to version 1.4.5. The vulnerability arises from insufficient randomization of hash data structures, enabling context-dependent remote attackers to trigger predictable hash collisions and cause CPU ...

CVE-2012-0840

tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that...