CVE-2012-0840

{"id": "CVE-2012-0840", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-02-10T19:55:02.407", "references": [{"url": "http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD%40eris.apache.org%3E", "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2012/02/08/3", "source": "secalert@redhat.com"}, {"url": "http://openwall.com/lists/oss-security/2012/02/09/1", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/47862", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://svn.apache.org/viewvc?rev=1231605&view=rev", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24439.html", "source": "secalert@redhat.com"}, {"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24472.html", "source": "secalert@redhat.com"}, {"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24473.html", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:019", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73096", "source": "secalert@redhat.com"}, {"url": "http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD%40eris.apache.org%3E", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://openwall.com/lists/oss-security/2012/02/08/3", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://openwall.com/lists/oss-security/2012/02/09/1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/47862", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://svn.apache.org/viewvc?rev=1231605&view=rev", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24439.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24472.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24473.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:019", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73096", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table."}, {"lang": "es", "value": "tables/apr_hash.c en la librer\u00eda Apache Portable Runtime (APR) hasta v1.4.5 procesa las colisiones Hash de forma predecible, lo que permite a atacantes dependiendo del contexto provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de una entrada manipulada sobre una aplicaci\u00f3n que mantiene una tabla hash."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "849790FC-5A29-4D0F-91B7-875CE3E11C3A", "versionEndIncluding": "1.4.5"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAC9B4C4-ABC3-4306-A207-41E43B1BE20F"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "802A56B5-E4CC-49ED-A5EF-7F1BECBA2811"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.2-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86D62910-DF77-4DA5-B2E0-9C645DE21FE8"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55CEAFE5-CD77-48C4-8B5E-A4FA173D5590"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.3-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18A3B6CD-8D8A-47F1-8021-3779F3882E4F"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C4C28F7-946E-4A8A-8D02-1166EE14E891"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "280DCE6C-A529-4B61-80E4-D0C66D1FA709"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ECEA4AB-80B3-4E4D-A634-6A37E0C7A1F9"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57DE26CB-8B98-4ADE-A9A5-8DC3020D03FA"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.7-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7686BB5B-9DD3-43DF-8852-2721D158AC81"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4A13FE2-5580-446F-9963-DB978B97BCA6"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F66FC842-29BD-4889-8436-D4BE271CE0AC"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:0.9.16-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97664E40-9802-4FFE-9AD1-78CE05B82FEB"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB66AD7D-FF60-4320-A8AF-448836E61FBB"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A42AC519-7FB4-4911-BA47-9CC87D0EA874"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFE38C6B-4042-4A01-9686-8CD38C995C80"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "910818CC-6EED-4E78-B85C-51AAC3A945D5"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C8176D3-0632-4D2C-B992-8FE32B023B45"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.4-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D1F3F02-BED5-42D6-92D9-AA0A5336F1D9"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25BE556A-5036-4CCC-A597-CA1FC1F89B11"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99A5A93F-2BD6-4DAE-854F-8CF4FC32C6C3"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.6-dev:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C35911DF-832A-417D-92C4-5DF02E5EC164"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A93F3369-74F6-49D0-94A3-C20603C43B08"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA090A3B-F678-4078-9B7A-6BF3E88F4F0A"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13675179-8744-4213-8CDE-7FA0697547B6"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D6B079B-2A7B-4985-B9F2-835DF3FC7600"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E877387-C99E-446B-89DE-CFA4C0955F56"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "880DADBE-8690-4394-B0A6-B9C85D6B7233"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B310E26F-1366-416D-A187-3951A8DAE62E"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D95BF2D-FE8D-400C-8AE7-20E027AA7C33"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E9EE541-4A74-4C9E-8ECC-7E5FAD3FE339"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E66B5B1B-C79B-4510-96E5-4A9A8611C317"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BC84CE-DEFF-4118-834D-403340717C94"}, {"criteria": "cpe:2.3:a:apache:portable_runtime:1.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD5A391F-01C7-4A09-99A8-BFA7334257CC"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}