Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/12/2010 Updated: 07/11/2023

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 231

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x prior to 2.2.3.SP4 and 2.5.x prior to 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 up to and including 4.3.0.CP09 allows remote malicious users to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data, related to a missing CVE-2010-3862 patch. NOTE: this can be considered a duplicate of CVE-2010-3862 because a missing patch should not be assigned a separate CVE identifier.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat jboss_remoting 2.2.0
redhat jboss_remoting 2.2.2
redhat jboss_remoting 2.2.3
redhat jboss_enterprise_application_platform 4.3.0
redhat jboss_enterprise_application_platform 5.1.0
redhat jboss_enterprise_web_platform 5.1.0

NVD-CWE-Other http://www.redhat.com/support/errata/RHSA-2010-0964.html http://securitytracker.com/id?1024840 https://issues.jboss.org/browse/JBREM-1261 https://bugzilla.redhat.com/show_bug.cgi?id=660623 https://issues.jboss.org/browse/JBPAPP-5253 http://www.redhat.com/support/errata/RHSA-2010-0965.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4265

Vulnerability Summary

References

Vulmon Search

About

Products

Connect