Back to search
CVE-2012-0840
Published: Feb 10, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[apr-commits] 20120115 svn commit: r1231605 - /apr/apr/trunk/tables/apr_hash.c
mailing-list
x_refsource_MLIST
apacheapr-hash-dos(73096)
vdb-entry
x_refsource_XF
[oss-security] 20120208 CVE request: apr - Hash DoS vulnerability
mailing-list
x_refsource_MLIST
MDVSA-2012:019
vendor-advisory
x_refsource_MANDRIVA
47862
third-party-advisory
x_refsource_SECUNIA
http://svn.apache.org/viewvc?rev=1231605&view=rev
x_refsource_CONFIRM
[dev] 20120105 Hash collision vectors in APR?
mailing-list
x_refsource_MLIST
[dev] 20120113 Re: Hash collision vectors in APR?
mailing-list
x_refsource_MLIST
[oss-security] 20120208 Re: CVE request: apr - Hash DoS vulnerability
mailing-list
x_refsource_MLIST
[dev] 20120114 Re: Hash collision vectors in APR?
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now