CVE-2010-3862

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp10:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp2:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp4:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp7:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp8:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:sp2:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:sp3:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp11:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:sp1:*:*:*:*:*:*
OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp05:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp07:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp03:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp08:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp09:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp01:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp06:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp02:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp04:*:*:*:*:*:*

Information

Published : 2010-12-30 13:00

Updated : 2010-12-30 21:00


NVD link : CVE-2010-3862

Mitre link : CVE-2010-3862


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

redhat

  • jboss_enterprise_application_platform
  • jboss_enterprise_web_platform
  • jboss_remoting