Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3862

Опубликовано: 30 дек. 2010
Источник: nvd
CVSS2: 2.6
EPSS Низкий

Описание

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:redhat:jboss_remoting:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp10:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp11:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp2:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp4:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp7:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.2:sp8:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:sp1:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:sp2:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_remoting:2.2.3:sp3:*:*:*:*:*:*

Одно из

cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp01:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp02:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp03:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp04:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp05:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp06:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp07:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp08:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp09:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.01675
Низкий

2.6 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2010-3862

ubuntu
около 15 лет назад

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data.

redhat логотип

CVE-2010-3862

redhat
около 15 лет назад

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data.

debian логотип

CVE-2010-3862

debian
около 15 лет назад

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...

github логотип

GHSA-3f3h-gc4r-7vvp

github
больше 3 лет назад

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data.

EPSS

Процентиль: 82%
0.01675
Низкий

2.6 Low

CVSS2

Дефекты

CWE-20