Denial of Service Vulnerability in Apache Portable Runtime Library
CVE-2012-0840

Currently unrated

Key Information:

Vendor

Apache
Status
Portable Runtime
Vendor
CVE Published:
10 February 2012

What is CVE-2012-0840?

The vulnerability exists in the tables/apr_hash.c component of the Apache Portable Runtime (APR) library up to version 1.4.5. It allows attackers to exploit predictable hash collision vulnerabilities, which can lead to excessive CPU consumption during hash table maintenance. By sending specially crafted input, an attacker can cause applications that rely on APR to become unresponsive, resulting in a denial of service. This poses a significant threat to system availability and can impact any application using APR, making it essential for administrators to apply necessary updates or patches to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://mail-archives.apache.org/mod_mbox/apr-commits/2012...
mailing-listx_refsource_MLIST
https://exchange.xforce.ibmcloud.com/vulnerabilities/73096
vdb-entryx_refsource_XF
http://openwall.com/lists/oss-security/2012/02/08/3
mailing-listx_refsource_MLIST

EPSS Score

37% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.