CVE-2010-3701 — Redhat Enterprise MRG vulnerability

CWE-3995 documents5 sources

Severity

4.0MEDIUMNVD

EPSS

0.6%

top 29.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise MRG

Timeline

PublishedOct 12

Latest updateMay 13

Description

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service (stack memory exhaustion and broker crash) via a large persistent message.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDredhat/enterprise_mrg1.2+6

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-49f9-p2h6-xv2f: lib/MessageStoreImpl↗2022-05-13

▶

CVEList

CVE-2010-3701: lib/MessageStoreImpl↗2010-10-12

▶

📋Vendor Advisories

Red Hat

MRG: remote authenticated DoS in broker↗2010-09-14

▶

💬Community

Bugzilla

CVE-2010-3701 MRG: remote authenticated DoS in broker↗2010-10-04

▶