{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-30T00:00:00", "descriptions": [{"lang": "en", "value": "OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-02-22T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"}, {"name": "[caml-list] 20111230 Hashtbl and security", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.mail-archive.com/caml-list%40inria.fr/msg01477.html"}, {"name": "47853", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47853"}, {"name": "[caml-list] 20111230 Re: Hashtbl and security", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.mail-archive.com/caml-list%40inria.fr/msg01478.html"}, {"name": "[oss-security] 20120206 Re: CVE request: Hash DoS vulnerability (ocert-2011-003)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2012/02/07/2"}, {"name": "[oss-security] 20120206 CVE request: Hash DoS vulnerability (ocert-2011-003)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2012/02/07/1"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ocert.org/advisories/ocert-2011-003.html"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-0839", "datePublished": "2012-02-08T20:00:00", "dateReserved": "2012-01-19T00:00:00", "dateUpdated": "2012-02-22T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:inria:ocaml:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7FCCC63-2144-41C8-A384-B6AB6EAA4929", "versionEndIncluding": "3.12.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:1.07:*:*:*:*:*:*:*", "matchCriteriaId": "8160D4BF-3382-4E3D-97E6-11C6B0C3621B", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "C5EE9202-74C8-471E-9971-F61133468A11", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:2.04:*:*:*:*:*:*:*", "matchCriteriaId": "450149B1-9AD3-4805-A1F1-30DF8F689E3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:2.99:alpha:*:*:*:*:*:*", "matchCriteriaId": "A28707EA-0DB5-4205-B725-3AA21EEF8F19", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "E7629BE3-2FEF-456F-B8FD-6F984204E007", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "9D3BDB5A-F5B5-44E3-8BE5-42BDECFEBEF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "BB498E45-8F15-463C-BDEA-E3C60F8FC9F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.03:alpha:*:*:*:*:*:*", "matchCriteriaId": "5CB7041D-F3FB-4E66-A5AC-DA04ED4687F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.04:*:*:*:*:*:*:*", "matchCriteriaId": "D8708B04-4E69-45A8-88A2-34F31DFC3D24", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.05:beta:*:*:*:*:*:*", "matchCriteriaId": "2FC1A656-4F08-4630-A580-5BEAEF6987D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.06:*:*:*:*:*:*:*", "matchCriteriaId": "6284D4FB-9339-4034-8110-A014C5778534", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.07:*:*:*:*:*:*:*", "matchCriteriaId": "D6D71DF2-7C71-4B84-8F0A-DA9C021B700A", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.07:beta1:*:*:*:*:*:*", "matchCriteriaId": "A6526238-EF6B-485F-88E4-5FB9B37F917F", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.07:beta2:*:*:*:*:*:*", "matchCriteriaId": "C091ABFB-F333-4098-B47B-675BC8387B79", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.07:pl2:*:*:*:*:*:*", "matchCriteriaId": "580DB00F-0D6D-4105-BA4D-63738588F8E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.08:*:*:*:*:*:*:*", "matchCriteriaId": "74BFD663-606E-4738-8D69-F3FD5A6EE458", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.09:*:*:*:*:*:*:*", "matchCriteriaId": "EE0FBBB4-4226-49BA-884B-06314F7340F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "52CB95FB-BEEB-4939-8DD4-433BEE5B2E52", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "5E70C216-47F6-4D62-A1D1-EE81C6A64B18", "vulnerable": true}, {"criteria": "cpe:2.3:a:inria:ocaml:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "2CF51308-F5C5-4FBA-A6C3-2A7F975BA7E4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table."}, {"lang": "es", "value": "oCaml v3.12.1 y anteriores calcula los valores de hash sin restringir la capacidad para activar las colisiones hash predecibles, lo que permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de entrada modificada a una aplicaci\u00f3n que mantiene una tabla hash."}], "id": "CVE-2012-0839", "lastModified": "2023-02-13T00:22:54.167", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-02-08T20:55:00.797", "references": [{"source": "secalert@redhat.com", "url": "http://openwall.com/lists/oss-security/2012/02/07/1"}, {"source": "secalert@redhat.com", "url": "http://openwall.com/lists/oss-security/2012/02/07/2"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/47853"}, {"source": "secalert@redhat.com", "url": "http://www.mail-archive.com/caml-list%40inria.fr/msg01477.html"}, {"source": "secalert@redhat.com", "url": "http://www.mail-archive.com/caml-list%40inria.fr/msg01478.html"}, {"source": "secalert@redhat.com", "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"}, {"source": "secalert@redhat.com", "url": "http://www.ocert.org/advisories/ocert-2011-003.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}