Oval Definition:oval:com.ubuntu.precise:def:20115035000
Revision Date:2011-12-29Version:1
Title:CVE-2011-5035 on Ubuntu 12.04 LTS (precise) - medium.
Description:Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-5035
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND Package Information
  • The 'glassfish' package in precise is affected and needs fixing.
  • OR NOT While related to the CVE in some way, the 'openjdk-6' package in precise is not affected (note: '6b24-1.11.1-0ubuntu1').
  • OR NOT While related to the CVE in some way, the 'openjdk-7' package in precise is not affected (note: '7~u3-2.1-1ubuntu1').
    • BACK