Memory Leak Vulnerability in Network Security Services by Sun Microsystems
CVE-2006-3127

Currently unrated

Key Information:

Vendor

Oracle
Status
Java Enterprise System
Java System Directory Server
Vendor
CVE Published:
21 June 2006

What is CVE-2006-3127?

A memory leak affects Network Security Services (NSS) versions 3.11 used in Sun Java Enterprise System editions from 2003Q4 to 2005Q1 and Java System Directory Server 5.2. This vulnerability enables remote attackers to induce a denial of service by executing numerous RSA cryptographic operations, potentially leading to severe memory consumption issues.

References

http://www.securityfocus.com/bid/18604
vdb-entryx_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT
http://www.vupen.com/english/advisories/2007/1573
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.