CVE-2011-0807

Currently unrated

Key Information:

Vendor: Oracle
Status: Glassfish Server; Java System Application Server
Vendor: CVE Published:; 20 April 2011

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 96%

Summary

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2011-0807
Created by Rapid7

References

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

http://securityreason.com/securityalert/8327

third-party-advisoryx_refsource_SREASON

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Jun 10, 2014
👾
Exploit known to exist
Jun 10, 2014
Vulnerability published
Apr 20, 2011
Vulnerability Reserved
Feb 4, 2011