
CVE-2011-4358

Published: 17/07/2012 Updated: 10/10/2014
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote malicious users to affect confidentiality and integrity, related to JSF.

Vulnerable Product

oracle sun glassfish enterprise server 3.0.1

oracle sun glassfish enterprise server 3.1.1

Vendor Advisories

Debian Bug report logs - #650430 Mojarra: CVE-2011-4358 Package: mojarra; Maintainer for mojarra is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Luciano Bello <luciano@debian.org>; Date: Tue, 29 Nov 2011 18:27:02 UTC; Severity: grave; Tags: patch, security; Fixed in versions mojar ...
It was discovered that Mojarra, an implementation of JavaServer Faces, evaluates untrusted values as EL expressions if includeViewParameters is set to true. For the stable distribution (squeeze), this problem has been fixed in version 2.0.3-1+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been ...