CVE-2006-3127

CWE-3993 documents3 sources

Severity

7.8HIGH

EPSS

2.1%

top 16.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java Enterprise System SUN Java System Directory Server

Timeline

PublishedJun 21

Latest updateMay 1

Description

Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDsun/java_system_directory_server5.2

▶NVDsun/java_enterprise_system2003q4, 2004q2, 2005q1+2

🔴Vulnerability Details

GHSA

GHSA-jc9w-4vh5-cjvm: Memory leak in Network Security Services (NSS) 3↗2022-05-01

▶

CVEList

CVE-2006-3127: Memory leak in Network Security Services (NSS) 3↗2006-06-21

▶