Public Date:
750521: CVE-2011-4858 tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)

The MITRE CVE dictionary describes this issue as:

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4858. Reason: This candidate is a duplicate of CVE-2011-4858. Notes: All CVE users should reference CVE-2011-4858 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Find out more about CVE-2011-4084 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 5
Base Metrics AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Satellite 5.4 tomcat5 Not affected
Red Hat JBoss EWS 1 tomcat6 Will not fix
Red Hat JBoss EWS 1 tomcat5 Will not fix
Red Hat Enterprise Linux 6 tomcat6 Will not fix
Red Hat Enterprise Linux 5 tomcat5 Will not fix
Red Hat Certificate System 7.3 for 4AS Tomcat Will not fix


Red Hat would like to thank oCERT for reporting this issue. oCERT acknowledges Julian Wälde and Alexander Klink as the original reporters.
Last Modified

CVE description copyright © 2017, The MITRE Corporation