Denial of service in JBoss Enterprise Application Platform
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-7046 |
| CWE-ID | CWE-120 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
JBoss Enterprise Application Platform Server applications / Application servers |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Denial of service
EUVDB-ID: #VU731
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-7046
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to cause denial of service on the target system.
The weakness exists due to buffer overflow. By sending a long URL attackers can trigger the service deny.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
No solutions resolving the vulnerability are available.
JBoss Enterprise Application Platform: 7.0.0
CPE2.3Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
