CVE-2012-0840
Apache Portable Runtime < 1.4.5 - Denial of Service via Hash Collision
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-0840. PoCs published by Moritz Muehlenhoff.
AI-analyzed exploit summary The provided entry describes a denial-of-service vulnerability in Apache APR, exploitable via crafted HTTP POST requests. It references an external source (SecurityFocus) and a binary exploit but lacks actual exploit code.
Description
tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Exploits (1)
The provided entry describes a denial-of-service vulnerability in Apache APR, exploitable via crafted HTTP POST requests. It references an external source (SecurityFocus) and a binary exploit but lacks actual exploit code.