Vulnerability Description
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trevor Mckay | Cumin | <= 0.1.5192-4 |
| Redhat | Enterprise Mrg | 2.0 |
Related Weaknesses (CWE)
References
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830248Exploit
- http://rhn.redhat.com/errata/RHSA-2012-1278.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2012-1281.htmlVendor Advisory
- http://secunia.com/advisories/50660
- http://www.securityfocus.com/bid/55618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78774
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830248Exploit
- http://rhn.redhat.com/errata/RHSA-2012-1278.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2012-1281.htmlVendor Advisory
- http://secunia.com/advisories/50660
- http://www.securityfocus.com/bid/55618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78774
FAQ
What is CVE-2012-2685?
CVE-2012-2685 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an...
How severe is CVE-2012-2685?
CVE-2012-2685 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2685?
Check the references section above for vendor advisories and patch information. Affected products include: Trevor Mckay Cumin, Redhat Enterprise Mrg.