Unspecified Vulnerability in Oracle GlassFish Enterprise Server
CVE-2011-4358

Currently unrated

Key Information:

Vendor: Oracle
Status: Sun Glassfish Enterprise Server
Vendor: CVE Published:; 17 July 2012

What is CVE-2011-4358?

An unspecified vulnerability exists in Oracle GlassFish Enterprise Server versions 3.0.1 and 3.1.1, allowing remote attackers to compromise the confidentiality and integrity of data, particularly concerning JavaServer Faces (JSF). This flaw can lead to potential unauthorized access or manipulation of applications deployed on the affected server versions.

References

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

http://www.securitytracker.com/id?1027277

vdb-entryx_refsource_SECTRACK

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2012
Vulnerability Reserved
Nov 4, 2011