CVE-ID |
CVE-2012-2098
|
Learn more at National Vulnerability Database (NVD)
• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
|
Description |
Algorithmic complexity vulnerability in the sorting algorithms in
bzip2 compressing stream (BZip2CompressorOutputStream) in Apache
Commons Compress before 1.4.1 allows remote attackers to cause a
denial of service (CPU consumption) via a file with many repeating
inputs.
|
References |
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
|
- BUGTRAQ:20120523 [CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability
- URL:archives.neohapsis.com/archives/bugtraq/2012-05/0130.html
- MISC:packetstormsecurity.org/files/113014/Apache-Commons-Compress-Apache-Ant-Denial-Of-Service.html
- CONFIRM:ant.apache.org/security.html
- CONFIRM:commons.apache.org/compress/security.html
- FEDORA:FEDORA-2012-8428
- URL:lists.fedoraproject.org/pipermail/package-announce/2012-June/081697.html
- FEDORA:FEDORA-2012-8465
- URL:lists.fedoraproject.org/pipermail/package-announce/2012-June/081746.html
- BID:53676
- URL:www.securityfocus.com/bid/53676
- OSVDB:82161
- URL:osvdb.org/82161
- SECTRACK:1027096
- URL:www.securitytracker.com/id?1027096
- SECUNIA:49255
- URL:secunia.com/advisories/49255
- SECUNIA:49286
- URL:secunia.com/advisories/49286
- XF:apache-commons-ant-bzip2-dos(75857)
- URL:xforce.iss.net/xforce/xfdb/75857
|
Date Entry Created |
20120404 |
Disclaimer: The entry creation date may reflect when
the CVE-ID was allocated or reserved, and does not
necessarily indicate when this vulnerability was
discovered, shared with the affected vendor, publicly
disclosed, or updated in CVE.
|
Phase (Legacy) |
Assigned (20120404) |
Votes (Legacy) |
|
Comments (Legacy) |
|
Proposed (Legacy) |
N/A |
This is an entry on the CVE
list, which standardizes names for security
problems. |
Search CVE Using Keywords:
You can also search by reference using the CVE Reference Maps.
|
For More Information: cve@mitre.org
|