Published: 14/03/2013 Updated: 19/03/2013

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The AMQP type decoder in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache qpid 0.8
apache qpid 0.7
apache qpid 0.6
apache qpid 0.5
apache qpid 0.16
apache qpid 0.15
apache qpid 0.14
apache qpid 0.13
apache qpid
apache qpid 0.18
apache qpid 0.11
apache qpid 0.9
apache qpid 0.19
apache qpid 0.17
apache qpid 0.12
apache qpid 0.10

Synopsis Moderate: Red Hat Enterprise MRG Messaging 23 security update Type/Severity Security Advisory: Moderate Topic Updated Messaging component packages that fix multiple security issues,several bugs, and add various enhancements are now available for Red HatEnterprise MRG 23 for Red Hat Enterprise Lin ...

CWE-189 http://secunia.com/advisories/52516 https://issues.apache.org/jira/browse/QPID-4629 https://issues.apache.org/jira/issues/?jql=fixVersion%20%3D%20%220.21%22%20AND%20project%20%3D%20QPID https://bugzilla.redhat.com/show_bug.cgi?id=861234 http://rhn.redhat.com/errata/RHSA-2013-0562.html http://rhn.redhat.com/errata/RHSA-2013-0561.html http://svn.apache.org/viewvc?view=revision&revision=1453031 https://access.redhat.com/errata/RHSA-2013:0562 https://nvd.nist.gov

CVE-2012-4458

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect