fkie_nvd - fkie_cve-2012-2685

fkie_cve-2012-2685

Vulnerability from fkie_nvd

Published

2012-09-28 17:55

Modified

2024-11-21 01:39

Severity ?

Summary

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.

References

URL	Tags
secalert@redhat.com	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830248	Exploit
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1278.html	Vendor Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1281.html	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/50660
secalert@redhat.com	http://www.securityfocus.com/bid/55618
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78774
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830248	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1278.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1281.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/50660
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55618
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78774

Impacted products

Vendor	Product	Version
trevor_mckay	cumin	*
trevor_mckay	cumin	0.1.3160-1
trevor_mckay	cumin	0.1.4369-1
trevor_mckay	cumin	0.1.4410-2
trevor_mckay	cumin	0.1.4494-1
trevor_mckay	cumin	0.1.4794-1
trevor_mckay	cumin	0.1.4916-1
trevor_mckay	cumin	0.1.5033-1
trevor_mckay	cumin	0.1.5037-1
trevor_mckay	cumin	0.1.5054-1
trevor_mckay	cumin	0.1.5068-1
trevor_mckay	cumin	0.1.5092-1
trevor_mckay	cumin	0.1.5098-2
trevor_mckay	cumin	0.1.5105-1
trevor_mckay	cumin	0.1.5137-1
trevor_mckay	cumin	0.1.5137-2
trevor_mckay	cumin	0.1.5137-3
trevor_mckay	cumin	0.1.5137-4
trevor_mckay	cumin	0.1.5137-5
trevor_mckay	cumin	0.1.5192-1
redhat	enterprise_mrg	2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB8CE3E6-C78F-4363-B731-A7981046EE5B",
              "versionEndIncluding": "0.1.5192-4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33C6617-24FB-4C96-A786-D26B074B0569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CF3F68-713E-48E8-8D37-4AE443AF87FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BDF4FB8-5ECF-4A2F-8066-8C362574B55F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ADC326A-3CE8-4710-870B-BF540CCB4A5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB4776E-178C-4488-9C98-98859576E343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B6E427-B880-48EB-8139-2F54381539BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EABF881-94BA-4E76-8EDB-29A4DB7F68B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "476B4482-38CB-46FB-B05D-CBBCDA87B739",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F49E39C4-D9D4-44D0-9F24-2DB3EB1E4457",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5068-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A69413-E0B0-4528-8C42-898866BD3B9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5092-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B69A8C-A652-4CBB-80B1-171630C7420E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5098-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E7AFB1-7864-47D4-AD75-9B9950BE7BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5105-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9C553FD-1ED7-436A-B4A7-309C79CB7793",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CBBA885-F992-464D-9DF4-047F824FC02B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D313A509-35AE-4EA3-9EDC-20CA98293D99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84531E0-D82D-43AE-A708-B12C34984B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9106FF80-627C-40E1-80E1-E574EB9A6B8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46220E7-B924-49D4-B866-3EA6B52F4D45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5192-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CACA1231-8272-40A9-B7B3-0141E0F1D7A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request."
    },
    {
      "lang": "es",
      "value": "Cumin, antes de v0.1.5444, tal y como se utiliza en Red Hat Enterprise Messaging, Realtime, y Grid 2.0 (MRG) permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (por consumo de memoria) a trav\u00e9s de una solicitud de imagen de gran tama\u00f1o."
    }
  ],
  "id": "CVE-2012-2685",
  "lastModified": "2024-11-21T01:39:26.657",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-09-28T17:55:00.960",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830248"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/50660"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/55618"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/50660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/55618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78774"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2012-2685

Vulnerability from cvelistv5

Published

2012-09-28 17:00

Modified

2024-08-06 19:42