فا

‫ Oracle Glassfish Server Multiple Vulnerabilities

IRCAD2014073414

ID: IRCAD2014073414

Release Date: 2014-07-16

Criticality level: Highly critical

Software:
Oracle GlassFish Server 3.x
Sun GlassFish Enterprise Server 2.x
Description:

Multiple vulnerabilities have been reported in Oracle Glassfish Server, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.

1) The application bundles a vulnerable version of Mozilla NSS.

This vulnerability is reported in version 2.1.1.

2) The application bundles a vulnerable version of Oracle Mojarra.

This vulnerability is reported in versions 3.0.1 and 3.1.2.

Solution

Apply update.

References:
Oracle:
Secunia:

http://secunia.com/advisories/57745/


نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 30 تیر 1393

امتیاز

امتیاز شما
تعداد امتیازها:0