JBoss Enterprise Application Platform Multiple Remote Vulnerabilities Network Vulnerability

Summary

The JBoss Enterprise Application Platform is prone to multiple vulnerabilities, including a remote code-execution issue, a remote denial-of- service issue, and a cross-site request-forgery issue. Successful exploits can allow attackers to execute arbitrary code within the context of the affected application, perform certain administrative actions, deploy arbitrary WAR files on the server, or cause denial-of-service conditions other attacks may also be possible. These issues affect JBoss Enterprise Application Platform 4.3.0 other versions may also be affected.

Solution

Updates are available please see the references for more information.

References

http://www.jboss.com/products/platforms/application/
https://www.securityfocus.com/bid/45148

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3708, CVE-2010-3862, CVE-2010-3878

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Savant Web Server Remote Buffer Overflow Vulnerability
CoreHTTP CGI Support Remote Command Execution Vulnerability
Apache Open For Business Weak Password security check
Apache 2.0.39 Win32 directory traversal
Null HTTPd Server Content-Length HTTP Header Buffer overflow Vulnerability

Take action and discover your vulnerabilities