CVE-2012-1035
NONE EPSS 72.1%
Published Feb 8, 201214y ago · Modified Jun 16, 20262w ago
Published Feb 8, 2012 14y ago
Last Modified Jun 16, 2026 2w ago
Description
AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Threat Intelligence
EPSS Exploit Probability
72.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 2
References 4
- archives.neohapsis.com http://archives.neohapsis.com/archives/bugtraq/2012-01/0169.html
- adacore.com http://www.adacore.com/2012/01/27/security-advisory-sa-2012-l119-003-hash-collisions-in-aws/
- nruns.com http://www.nruns.com/_downloads/advisory28122011.pdf
- ocert.org http://www.ocert.org/advisories/ocert-2011-003.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.