Lucene search
Veracode Vulnerability DatabaseVERACODE:3800HistoryMar 30, 2017 - 1:33 a.m.
Partial Denial Of Service (DoS)
2017-03-3001:33:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.011 Low
EPSS
Percentile
84.2%
web-core is vulnerable to partial denial of service attacks. The vulnerability is possible due to JVM bottleneck caused by a flaw in JVM code, translating named encoding (e.g., “utf-8”) into Charsets. Therefore, that flaw leads to a number of stuck threads converting a byte array to a String or vice versa.
| CPE | Name | Operator | Version |
|---|---|---|---|
| core servlet container | le | 3.1.1 | |
| core servlet container | le | 3.0.1 | |
| core servlet container | le | 3.0 | |
| core servlet container | le | 3.2-b06 |
References
osvdb.org/78417
www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
bugzilla.redhat.com/show_bug.cgi?id=783900
bz.apache.org/bugzilla/show_bug.cgi?id=51400
exchange.xforce.ibmcloud.com/vulnerabilities/72497
java.net/jira/browse/GLASSFISH-17511
svn.java.net/svn/glassfish~svn/trunk/main@51257
www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Related
cve
cve
CVE-2012-0104
2012-01-18 22:55:06
prion
prion
Buffer overflow
2012-01-18 22:55:00
ubuntucve
ubuntucve
CVE-2012-0104
2012-01-18 00:00:00
nvd
nvd
CVE-2012-0104
2012-01-18 22:55:06
debiancve
debiancve
CVE-2012-0104
2012-01-18 22:55:00
cvelist
cvelist
CVE-2012-0104
2012-01-18 22:00:00
nessus
nessus
openvas
openvas
Oracle GlassFish Server Multiple Unspecified Vulnerabilities
2012-01-23 00:00:00
Oracle GlassFish Server Multiple Unspecified Vulnerabilities
2012-01-23 00:00:00
securityvulns
securityvulns
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00