Buffer overflow

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service JMS...

CVE-2010-4438

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service JMS...

CVE-2010-4438

Removed by vendor...

CVE-2010-4438

CVE-2010-4438 relates to a local privilege escalation in Oracle GlassFish Server (notably GlassFish 2.x/3.0.1 and JMS components). The OpenVAS entries confirm a GlassFish privilege-escalation vulnerability with CVSS base 5.7 (local access, partial confidentiality/integrity impact, complete availa...

Code injection

Unspecified vulnerability in the IBM Asynchronous I/O aka AIO or libibmaio library in the Java Message Service JMS component in IBM WebSphere Application Server WAS 6.1.x before 6.1.0.17 on AIX 5.3 allows attackers to cause a denial of service daemon crash via vectors related to the aiogetioev2 a...

CVE-2009-0435

IBM WebSphere Application Server 6.1.x on AIX 5.3 is affected by a denial-of-service vulnerability in the IBM JMS AIO/libibmaio library (aio_getioev2 and getEvent). The issue exists in WAS 6.1.x before 6.1.0.17 and can cause a daemon crash. Remediation: upgrade to WAS 6.1.0.17 or later Fix Pack t...

Double free

The Java Message Service JMS in IBM WebSphere Application Server WAS before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release of a bytebuffer input stream," possibly a double free vulnerability...

CVE-2003-1222

BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service JMS provider, echoes the password for the foreign provider to the console and stores it in cleartext in config.xml, which could allow attackers to obtain the password...