CVE-2014-3518

Published: 22/07/2014 Updated: 23/07/2014
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote malicious users to execute arbitrary code via unspecified vectors.

Vulnerable Product

redhat jboss enterprise application platform 5.2.0

redhat jboss enterprise portal platform 5.2.2

redhat jboss enterprise soa platform 5.3.1

redhat jboss enterprise brms platform 5.3.1

Vendor Advisories

JBoss Application Server 5 and supported Red Hat JBoss 5.x products contain JBoss Remoting, which includes a partial implementation of the JMX remoting specification JSR 160. This implementation is provided in jmx-remoting.sar, which is deployed by default in unsupported community releases of JBoss Application Server 5.x. This implementation does n ...