CVE-2011-4610

Name of the Vulnerable Software and Affected Versions Red Hat JBoss Communications Platform versions prior to 5.1.3 Red Hat Enterprise Web Platform versions prior to 5.1.2 Red Hat Enterprise Application Platform versions prior to 5.1.2

Description The issue allows remote attackers to cause a denial of service, resulting in an infinite loop. This is achieved through vectors related to a crafted UTF-8 character, specifically a "surrogate pair character" that is positioned at the boundary of an internal buffer.

Recommendations For Red Hat JBoss Communications Platform versions prior to 5.1.3, update to version 5.1.3 or later. For Red Hat Enterprise Web Platform versions prior to 5.1.2, update to version 5.1.2 or later. For Red Hat Enterprise Application Platform versions prior to 5.1.2, update to version 5.1.2 or later.