Remote Code Execution Vulnerability in Sun GlassFish Enterprise Server and Oracle GlassFish Server
CVE-2012-3155

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Application Server; Glassfish Server
Vendor: CVE Published:; 16 October 2012

Summary

A vulnerability exists in the CORBA ORB component of Sun GlassFish Enterprise Server and Oracle GlassFish Server. This flaw could allow remote attackers to disrupt the service's availability, resulting in a potential denial-of-service situation. The affected products, which include multiple versions of GlassFish and Sun Java System Application Server, emphasize the need for diligent security practices and timely updates to protect against exploitation.

References

http://www.oracle.com/technetwork/topics/security/cpuoct2...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/56073

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1027676

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 16, 2012
Vulnerability Reserved
Jun 6, 2012