Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
GlassFish Improper Input Validation Vulnerability - CVE-2011-5035 - Vulnerability Database
GlassFish

GlassFish Improper Input Validation Vulnerability - CVE-2011-5035

Medium
Reference: CVE-2011-5035
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-5035
Title: GlassFish Improper Input Validation Vulnerability
Overview:

Oracle Glassfish 2.1.1 3.0.1 and 3.1.1 as used in Communications Server 2.0 Sun Java System Application Server 8.1 and 8.2 and possibly other products computes hash values for form parameters without restricting the ability to trigger hash collisions predictably which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters aka Oracle security ticket S0104869.