CVE-2012-0881
Denial of Service vulnerability in xercesImpl (Maven)
What is CVE-2012-0881 About?
Apache Xerces2 Java Parser before 2.12.0 is vulnerable to a denial of service attack. A remote attacker can cause high CPU consumption by sending a specially crafted XML message, leading to hash table collisions. This makes the vulnerability easy to exploit and can severely impact service availability.
Affected Software
Technical Details
Apache Xerces2 Java Parser versions prior to 2.12.0 are susceptible to a denial of service (DoS) vulnerability leveraging hash table collisions. This attack vector involves an attacker crafting an XML message with numerous elements or attributes that, when parsed, result in a high number of hash collisions within the parser's internal hash tables. When multiple keys hash to the same bucket, the performance of hash table operations degrades significantly, often transitioning from O(1) to O(N) complexity for lookups and insertions. By strategically constructing the XML input to maximize these collisions, a remote attacker can force the parser to spend excessive CPU cycles processing the message, leading to a denial of service for the application or system relying on the parser. This resource exhaustion effectively renders the XML service unresponsive.
What is the Impact of CVE-2012-0881?
Successful exploitation may allow attackers to cause a denial of service, leading to service unavailability, degraded performance, and resource exhaustion.
What is the Exploitability of CVE-2012-0881?
Exploitation of this denial-of-service vulnerability is relatively low complexity and can be carried out remotely. The primary prerequisite is that the target system exposes an XML service that utilizes the vulnerable Apache Xerces2 Java Parser. No authentication or specific user privileges are required for an attacker to send the malicious XML message. The attack involves crafting an XML document designed to trigger hash collisions, then sending this document to the vulnerable service. The ease of crafting such a payload and sending it over a network makes the remote exploitation straightforward. The risk factor is increased for any application that processes untrusted XML input using the affected library, as it can be brought down with minimal effort.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | ||
What are the Available Fixes for CVE-2012-0881?
Available Upgrade Options
- xerces:xercesImpl
- <2.12.0 → Upgrade to 2.12.0
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
- https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
- https://www.openwall.com/lists/oss-security/2014/07/08/11
- https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
- https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
- https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56%40%3Ccommon-issues.hadoop.apache.org%3E
- https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56@%3Ccommon-issues.hadoop.apache.org%3E
- https://nvd.nist.gov/vuln/detail/CVE-2012-0881
- https://bugzilla.redhat.com/show_bug.cgi?id=787104
- https://www.oracle.com//security-alerts/cpujul2021.html
What are Similar Vulnerabilities to CVE-2012-0881?
Similar Vulnerabilities: CVE-2011-4838 , CVE-2011-5034 , CVE-2012-5784 , CVE-2013-0333 , CVE-2016-3616
