CVE-2012-4458

Currently unrated

Key Information:

Vendor: Apache
Status: Qpid
Vendor: CVE Published:; 14 March 2013

Summary

The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.

References

https://bugzilla.redhat.com/show_bug.cgi?id=861234

x_refsource_MISC

https://issues.apache.org/jira/issues/?jql=fixVersion%20%...

x_refsource_CONFIRM

http://rhn.redhat.com/errata/RHSA-2013-0561.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 14, 2013