Denial Of Service (DoS)

2019-05-0204:55:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON

openjdk is vulnerable to denial of service. A remote attacker is able to crash the application via excessive resource consumption and a daemon restart using malicious values in an HTTP request.

CPENameOperatorVersion
java-1.7.0-openjdkeq1.7.0.19__2.3.9.1.el6_4
java-1.7.0-openjdkeq1.7.0.25__2.3.10.4.el6_4
java-1.7.0-openjdkeq1.7.0.5__2.2.1.el6_3
java-1.7.0-openjdkeq1.7.0.9__2.3.5.3.el6_3
java-1.7.0-openjdkeq1.7.0.25__2.3.10.3.el6_4
java-1.7.0-openjdkeq1.7.0.9__2.3.3.el6_3.1
java-1.7.0-openjdkeq1.7.0.3__2.1.el6.7
java-1.7.0-openjdkeq1.7.0.9__2.3.4.1.el6_3
java-1.7.0-openjdkeq1.7.0.5__2.2.1.el6_3.3
java-1.7.0-openjdkeq1.7.0.9__2.3.7.1.el6_3

Name	Operator	Version
java-1.7.0-openjdk	eq	1.7.0.19__2.3.9.1.el6_4
java-1.7.0-openjdk	eq	1.7.0.25__2.3.10.4.el6_4
java-1.7.0-openjdk	eq	1.7.0.5__2.2.1.el6_3
java-1.7.0-openjdk	eq	1.7.0.9__2.3.5.3.el6_3
java-1.7.0-openjdk	eq	1.7.0.25__2.3.10.3.el6_4
java-1.7.0-openjdk	eq	1.7.0.9__2.3.3.el6_3.1
java-1.7.0-openjdk	eq	1.7.0.3__2.1.el6.7
java-1.7.0-openjdk	eq	1.7.0.9__2.3.4.1.el6_3
java-1.7.0-openjdk	eq	1.7.0.5__2.2.1.el6_3.3
java-1.7.0-openjdk	eq	1.7.0.9__2.3.7.1.el6_3