PT-2015-2596 · Red Hat · Wildfly+1

Aaron Ogburn

Published

2015-10-27

Updated

2023-02-13

CVE-2015-5220

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Application Platform (EAP) versions prior to 6.4.4 WildFly (formerly JBoss Application Server) versions prior to 6.4.4

Description The issue allows remote attackers to cause a denial of service (memory consumption) via a large request header. This is due to a buffer overflow vulnerability in the Web Console of the affected platforms.

Recommendations For Red Hat Enterprise Application Platform (EAP) versions prior to 6.4.4, update to version 6.4.4 or later. For WildFly (formerly JBoss Application Server) versions prior to 6.4.4, update to version 6.4.4 or later.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2015-11961

CVE-2015-5220

RHSA-2015:1904

RHSA-2015:1905

RHSA-2015:1906

RHSA-2015:1907

Affected Products

Red Hat Jboss Enterprise Application Platform

Wildfly

PT-2015-2596 · Red Hat · Wildfly+1

CVE-2015-5220

Weakness Enumeration

Related Identifiers

Affected Products

References · 11