National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:apache:geronimo:2.1.7
There are 1 matching records.
Vuln ID Summary CVSS Severity
CVE-2011-5034

Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.

Published: December 29, 2011; 08:55:01 PM -05:00
V2: 7.8 HIGH