CVE-2011-4610

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Buffer Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 11/02/14 - Updated on 06/03/14

Description

JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer."

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2011-4610

Exploits

SecurityFocusBID-51829

Relative technologies

VendorProduct
redhatjboss_communications_platform
redhatjboss_enterprise_application_platform
redhatjboss_enterprise_brms_platform
redhatjboss_enterprise_web_platform

Share this vulnerability with:

Twitter Facebook LinkedIn Mail