Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2011-4461

Published: 30/12/2011 Updated: 08/03/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Sun Storage Common Array Manager

Vulnerability Summary

Jetty 8.1.0.RC2 and previous versions computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle sun storage common array manager 6.9.0

mortbay jetty 7.0.0

mortbay jetty 6.1.16

mortbay jetty 6.1.15

mortbay jetty 6.1.11

mortbay jetty 6.1.12

mortbay jetty 6.1.4

mortbay jetty 6.1.2

mortbay jetty 6.1.1

mortbay jetty 6.1.0

mortbay jetty 6.0.0

mortbay jetty 5.1.14

mortbay jetty 5.0

mortbay jetty 5.1.12

mortbay jetty 5.1.11

mortbay jetty 5.1.5

mortbay jetty 5.1.0

mortbay jetty 5.1

mortbay jetty 5.1.3

mortbay jetty 4.2.17

mortbay jetty 4.2.22

mortbay jetty 4.2.15

mortbay jetty 4.1.4

mortbay jetty 4.0

mortbay jetty 4.1.3

mortbay jetty 4.0.b2

mortbay jetty 4.0.2

mortbay jetty 4.2.4

mortbay jetty 4.0.1

mortbay jetty 4.1.0

mortbay jetty 6.1.14

mortbay jetty 6.1.9

mortbay jetty 6.1.10

mortbay jetty 6.1.6

mortbay jetty 6.1.5

mortbay jetty 6.1.19

mortbay jetty 6.0.2

mortbay jetty 6.1.21

mortbay jetty 5.1.13

mortbay jetty 5.0.0

mortbay jetty 5.1.10

mortbay jetty 5.1.6

mortbay jetty 5.1.9

mortbay jetty 5.1.1

mortbay jetty 5.1.2

mortbay jetty 4.2.20

mortbay jetty 4.2.16

mortbay jetty 4.2.10

mortbay jetty 4.2.14

mortbay jetty 4.2.2

mortbay jetty 4.0.0

mortbay jetty 4.2.0

mortbay jetty 4.0.6

mortbay jetty 4.1.d1

mortbay jetty 4.2.8_01

mortbay jetty 4.1.b0

mortbay jetty 4.1.d2

mortbay jetty 4.0.d4

mortbay jetty 4.2

mortbay jetty 4.2.24

mortbay jetty 6.1.3

mortbay jetty 5.1.4

mortbay jetty 4.2.23

mortbay jetty 3.0.a4

mortbay jetty 3.0.a1

mortbay jetty 3.0.0

mortbay jetty 3.1

mortbay jetty 3.0.6

mortbay jetty 3.0.b03

mortbay jetty 3.1.6

mortbay jetty 3.1.3

mortbay jetty 3.1.9

mortbay jetty 3.1.5

mortbay jetty 3.0.a91

mortbay jetty 3.0.a98

mortbay jetty 2.4.9

mortbay jetty 2.1.b1

mortbay jetty 2.1.7

mortbay jetty 2.1.6

mortbay jetty 2.0

mortbay jetty 2.0.5

mortbay jetty 2.0.4

mortbay jetty 2.2.1

mortbay jetty 2.2.2

mortbay jetty 2.3.0a

mortbay jetty 2.3.0

mortbay jetty 1.1.1

mortbay jetty 1.2.0

mortbay jetty 1.3.4

mortbay jetty 1.3.5

mortbay jetty 4.0.b0

mortbay jetty 4.0.d1

mortbay jetty 4.2.7

mortbay jetty 4.2.26

mortbay jetty 3.0.a9

mortbay jetty 3.0.a7

mortbay jetty 3.0.a2

mortbay jetty 3.0.a0

mortbay jetty 3.0.1

mortbay jetty 3.0.b04

mortbay jetty 3.1.4

mortbay jetty 3.1.1

mortbay jetty 3.0

mortbay jetty 3.1.8

mortbay jetty 3.0.a97

mortbay jetty 3.0.a96

mortbay jetty 2.1.b0

mortbay jetty 2.1.1

mortbay jetty 2.2

mortbay jetty 2.4.2

mortbay jetty 2.4.1

mortbay jetty 2.2.0

mortbay jetty 2.2.7

mortbay jetty 2.2.8

mortbay jetty 1.0.1

mortbay jetty 1.1

mortbay jetty 5.1.7

mortbay jetty 4.2.21

mortbay jetty 4.2.9

mortbay jetty 4.2.1

mortbay jetty 4.0.3

mortbay jetty 4.2.6

mortbay jetty 4.2.3

mortbay jetty 4.0.5

mortbay jetty 4.1.b1

mortbay jetty 4.0.d3

mortbay jetty 4.0.d0

mortbay jetty 4.2.25

mortbay jetty 3.0.a6

mortbay jetty 3.0.a3

mortbay jetty 3.0.5

mortbay jetty 3.0.4

mortbay jetty 3.0.b01

mortbay jetty 3.0.b02

mortbay jetty 3.1.7

mortbay jetty 3.1.0

mortbay jetty 3.0.a93

mortbay jetty 3.0.a92

mortbay jetty 2.4.7

mortbay jetty 2.4.8

mortbay jetty 2.1.2

mortbay jetty 2.1.5

mortbay jetty 2.1.4

mortbay jetty 2.0.2

mortbay jetty 2.0.3

mortbay jetty 2.4.4

mortbay jetty 2.4.3

mortbay jetty 2.2.3

mortbay jetty 2.2.4

mortbay jetty 2.3.1

mortbay jetty 2.3.2

mortbay jetty 1.3.2

mortbay jetty 1.3.3

mortbay jetty

mortbay jetty 6.1.8

mortbay jetty 6.1.7

mortbay jetty 6.1.20

mortbay jetty 6.0.1

mortbay jetty 5.1.8

mortbay jetty 4.2.27

mortbay jetty 4.2.18

mortbay jetty 4.2.12

mortbay jetty 4.0.4

mortbay jetty 4.1.d0

mortbay jetty 4.2.5

mortbay jetty 4.1.2

mortbay jetty 4.0.b1

mortbay jetty 4.1.1

mortbay jetty 4.0.d2

mortbay jetty 4.2.11

mortbay jetty 4.2.19

mortbay jetty 3.0.a8

mortbay jetty 3.0.a5

mortbay jetty 3.0.3

mortbay jetty 3.0.2

mortbay jetty 3.0.b05

mortbay jetty 3.0.a99

mortbay jetty 3.1.2

mortbay jetty 3.0.a90

mortbay jetty 3.0.a94

mortbay jetty 3.0.a95

mortbay jetty 2.4.6

mortbay jetty 2.1.0

mortbay jetty 2.1.3

mortbay jetty 2.0.0

mortbay jetty 2.0.1

mortbay jetty 2.4.0

mortbay jetty 2.3.5

mortbay jetty 2.4.5

mortbay jetty 2.2.5

mortbay jetty 2.2.6

mortbay jetty 2.3.3

mortbay jetty 2.3.4

mortbay jetty 1.0

mortbay jetty 1.3.0

mortbay jetty 1.3.1

Vendor Advisories

Ubuntu Security Notice: jetty vulnerability
Jetty could be made to hang or crash if it received specially crafted network traffic ...

Recent Articles

Grab a cuppa: Time to sort out that Oracle patch batch
The Register • John Leyden • 20 Apr 2016

Java SE, MySQL are most in need of fixes, so you know what to do...

Oracle has released its latest quarterly Critical Patch Update on Tuesday, releasing updates to Fusion Middleware, Peoplesoft, E-Business Suite, MySQL, and several other products. Java SE also got patched. This set of patches addresses 136 vulnerabilities in several product families, according to business application security specialists ERPscan. Most of the closed issues affect MySQL, PeopleSoft, and Fusion Middleware. The oldest of the resolved vulnerabilities (CVE-2011-4461) dates back to 201...

Read more...

References

CWE-310http://www.nruns.com/_downloads/advisory28122011.pdfhttp://www.ocert.org/advisories/ocert-2011-003.htmlhttp://www.kb.cert.org/vuls/id/903934http://www.ubuntu.com/usn/USN-1429-1http://secunia.com/advisories/47408http://www.securitytracker.com/id?1026475http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.htmlhttp://secunia.com/advisories/48981http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlhttp://marc.info/?l=bugtraq&m=143387688830075&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/72017http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttps://security.netapp.com/advisory/ntap-20190307-0004/https://usn.ubuntu.com/1429-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook