CVE-2016-3110

mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:2.1:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-09-26 14:59

Updated : 2024-02-04 18:53


NVD link : CVE-2016-3110

Mitre link : CVE-2016-3110

CVE.ORG link : CVE-2016-3110


JSON object : View

Products Affected

redhat

  • jboss_enterprise_application_platform
  • enterprise_linux
  • jboss_enterprise_web_server

fedoraproject

  • fedora
CWE
CWE-20

Improper Input Validation