Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-3862
HistoryDec 30, 2010 - 9:00 p.m.

CVE-2010-3862

2010-12-3021:00:01
CWE-20
[email protected]
web.nvd.nist.gov
23
cve-2010-3862
jboss
remoting
bisocket
denial of service
nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.036 Low

EPSS

Percentile

91.7%

JSON

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data.

Affected configurations

NVD
Node
redhatjboss_remotingMatch2.2.0
OR
redhatjboss_remotingMatch2.2.2sp10
OR
redhatjboss_remotingMatch2.2.2sp11
OR
redhatjboss_remotingMatch2.2.2sp2
OR
redhatjboss_remotingMatch2.2.2sp4
OR
redhatjboss_remotingMatch2.2.2sp7
OR
redhatjboss_remotingMatch2.2.2sp8
OR
redhatjboss_remotingMatch2.2.3
OR
redhatjboss_remotingMatch2.2.3sp1
OR
redhatjboss_remotingMatch2.2.3sp2
OR
redhatjboss_remotingMatch2.2.3sp3
AND
redhatjboss_enterprise_application_platformMatch4.3.0
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp01
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp02
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp03
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp04
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp05
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp06
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp07
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp08
OR
redhatjboss_enterprise_application_platformMatch4.3.0cp09
OR
redhatjboss_enterprise_application_platformMatch5.1.0
OR
redhatjboss_enterprise_web_platformMatch5.1.0

Related

veracode 2
nvd 2
ubuntucve 2
redhat 7
nessus 5
prion 2
cvelist 2
cve 1
openvas 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:50:35
Denial Of Service (DoS)
2020-04-10 00:59:11
nvd
nvd
CVE-2010-3862
2010-12-30 21:00:01
CVE-2010-4265
2010-12-30 21:00:02
ubuntucve
ubuntucve
CVE-2010-3862
2010-12-30 00:00:00
CVE-2010-4265
2010-12-30 00:00:00
redhat
redhat
(RHSA-2010:0961) Low: JBoss Enterprise Web Platform 5.1.0 security and bug fix update
2010-12-08 00:00:00
(RHSA-2010:0960) Low: JBoss Enterprise Application Platform 5.1.0 security and bug fix update
2010-12-08 00:00:00
(RHSA-2010:0963) Low: JBoss Enterprise Application Platform 5.1.0 security update
2010-12-08 14:35:03
nessus
nessus
RHEL 4 : JBoss EAP (RHSA-2010:0959)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2010:0960)
2013-01-24 00:00:00
RHEL 4 / 5 : jboss-remoting (RHSA-2010:0964)
2013-01-24 00:00:00
prion
prion
Design/Logic Flaw
2010-12-30 21:00:00
Design/Logic Flaw
2010-12-30 21:00:00
cvelist
cvelist
CVE-2010-3862
2010-12-30 20:00:00
CVE-2010-4265
2010-12-30 20:00:00
cve
cve
CVE-2010-4265
2010-12-30 21:00:02
openvas
openvas
Red Hat JBoss Enterprise Application Platform (EAP) <= 4.3.0 Multiple Vulnerabilities
2010-12-02 00:00:00

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.036 Low

EPSS

Percentile

91.7%

JSON
Related for CVE-2010-3862
veracode2nvd2ubuntucve2redhat7nessus5prion2cvelist2cve1openvas1