5
CVSSv2

CVE-2011-4905

Published: 05/01/2012 Updated: 05/01/2012
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Apache ActiveMQ prior to 5.6.0 allows remote malicious users to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.

Affected Products

Vendor Product Versions
ApacheActivemq1.1, 1.2, 1.3, 1.4, 1.5, 2.0, 2.1, 3.0, 3.1, 3.2, 3.2.1, 3.2.2, 4.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.1.2, 5.0.0, 5.1.0, 5.2.0, 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.5.0, 5.5.1

Vendor Advisories

Debian Bug report logs - #655495 CVE-2011-4605: DoS Package: src:activemq; Maintainer for src:activemq is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 11 Jan 2012 17:39:01 UTC Severity: grave Tags: security Fixed in version active ...
IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks ...

Github Repositories

Examples on various topics of Java Blog on Software Development/Technology Java Articles/Tutorials JAXB Articles/Tutorials Hibernate Articles/Tutorials Spring Articles/Tutorials Webservices Articles/Tutorials