Descriptioninternal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.
Overall state of this security issue: Postponed
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2012:1621-1, published Fri, 7 Dec 2012 11:08:58 +0100 (CET)
- openSUSE-SU-2013:0144-1, published Wed, 23 Jan 2013 14:05:33 +0100 (CET)
List of planned updatesThe following information is the current evaluation information for this security issue. It might neither be accurate nor complete, Use at own risk.