Oracle Identity Manager Connector 9 General 拒绝服务漏洞

CVE编号

CVE-2019-0222

利用情况

暂无

补丁情况

官方补丁

披露时间

2019-03-29

在Apache ActiveMQ 5.0.0 - 5.15.8中，解组损坏的MQTT帧可能导致代理内存不足异常，使其无响应。<br>

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：
http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt

参考链接
http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
http://www.openwall.com/lists/oss-security/2019/03/27/2
http://www.securityfocus.com/bid/107622
https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21...
https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b...
https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b97937...
https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d92...
https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5...
https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283...
https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc42749...
https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438...
https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618...
https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f7...
https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
https://security.netapp.com/advisory/ntap-20190502-0006/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	apache	activemq	*	From (including) 5.0.0	Up to (including) 5.15.8
	运行在以下环境
	应用	netapp	e-series_santricity_web_services	-	-
	运行在以下环境
	系统	debian_10	activemq	*		Up to (excluding) 5.15.8-2
	运行在以下环境
	系统	debian_9	activemq	*		Up to (excluding) 5.14.3-3+deb9u2

CWE-ID 漏洞类型 CWE-94 对生成代码的控制不恰当（代码注入） NVD-CWE-noinfo

还没有评论，来说两句吧...