Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3514

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-3514
Last Modified 11 Feb 2014 11:38:04
Published 25 Aug 2012 06:29:52
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3514

Summary

OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Vulnerable Systems

Application

  • Nicolas Cannasse Ocaml Xml-light Library R233


References

BID - 55114

MLIST - [oss-security] 20120820 ocaml-xml-light: hash table collisions CPU usage DoS CVE-2012-3514

SECUNIA - 50311

CONFIRM - https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0266

MANDRIVA - MDVSA-2013:107


Last Updated: 27 May 2016 11:00:20