Unrated severityNVD Advisory· Published Nov 28, 2012· Updated Jun 16, 2026
CVE-2012-2739
CVE-2012-2739
Description
Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
50cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update5:*:*:*:*:*:*range: <=1.7.0
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update5:*:*:*:*:*:*range: <=1.7.0
cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*range: <=1.7.0
- cpe:2.3:a:oracle:openjdk:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:openjdk:1.8.0:*:*:*:*:*:*:*
- Range: <7u6
- osv-coords33 versionspkg:apk/chainguard/openjdk-11-openj9pkg:apk/chainguard/openjdk-11-openj9-dbgpkg:apk/chainguard/openjdk-11-openj9-default-jdkpkg:apk/chainguard/openjdk-11-openj9-default-jvmpkg:apk/chainguard/openjdk-11-openj9-default-policypkg:apk/chainguard/openjdk-11-openj9-docpkg:apk/chainguard/openjdk-11-openj9-jmodspkg:apk/chainguard/openjdk-11-openj9-jrepkg:apk/chainguard/openjdk-17-openj9pkg:apk/chainguard/openjdk-17-openj9-dbgpkg:apk/chainguard/openjdk-17-openj9-default-jdkpkg:apk/chainguard/openjdk-17-openj9-default-jvmpkg:apk/chainguard/openjdk-17-openj9-default-policypkg:apk/chainguard/openjdk-17-openj9-docpkg:apk/chainguard/openjdk-17-openj9-jmodspkg:apk/chainguard/openjdk-17-openj9-jrepkg:apk/chainguard/openjdk-21-openj9pkg:apk/chainguard/openjdk-21-openj9-dbgpkg:apk/chainguard/openjdk-21-openj9-default-jdkpkg:apk/chainguard/openjdk-21-openj9-default-jvmpkg:apk/chainguard/openjdk-21-openj9-default-policypkg:apk/chainguard/openjdk-21-openj9-docpkg:apk/chainguard/openjdk-21-openj9-jmodspkg:apk/chainguard/openjdk-21-openj9-jrepkg:apk/chainguard/openjdk-25-openj9-default-jvmpkg:apk/chainguard/openjdk-25-openj9-jmodspkg:apk/chainguard/openjdk-26-openj9-jrepkg:apk/chainguard/openjdk-8-openj9pkg:apk/chainguard/openjdk-8-openj9-dbgpkg:apk/chainguard/openjdk-8-openj9-default-jdkpkg:apk/chainguard/openjdk-8-openj9-default-jvmpkg:apk/chainguard/openjdk-8-openj9-docpkg:apk/chainguard/openjdk-8-openj9-jre
< 0.53.0-r0+ 32 more
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
Patches
Vulnerability mechanics
References
8- armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.htmlnvdExploit
- mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/903934nvdUS Government Resource
- www.nruns.com/_downloads/advisory28122011.pdfnvd
- www.ocert.org/advisories/ocert-2011-003.htmlnvd
- www.openwall.com/lists/oss-security/2012/06/15/12nvd
- www.openwall.com/lists/oss-security/2012/06/17/1nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.