Glassfish Server@3.0.1 Security Vulnerabilities and Issues — Glassfish Server@3.0.1 CVE List

Lucene search

OracleGlassfish Server3.0.1

23 matches found

CVE•added 2011/04/20 3:14 a.m.•142 views

CVE-2011-0807

Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.

10CVSS5.9AI score0.88889EPSS

CVE•added 2011/12/30 1:55 a.m.•129 views

CVE-2011-5035

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers...

5CVSS8.9AI score0.52412EPSS

CVE•added 2016/07/21 10:14 a.m.•119 views

CVE-2016-3607

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container.

10CVSS8.4AI score0.04552EPSS

CVE•added 2017/07/17 1:18 p.m.•106 views

CVE-2017-1000029

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

7.5CVSS7.8AI score0.72669EPSS

CVE•added 2015/06/22 7:59 p.m.•97 views

CVE-2015-3237

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

6.4CVSS8.1AI score0.02783EPSS

CVE•added 2017/01/27 10:59 p.m.•75 views

CVE-2016-5528

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise O...

9CVSS8.9AI score0.00913EPSS

CVE•added 2017/10/19 5:29 p.m.•70 views

CVE-2017-10391

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish S...

7.5CVSS6.4AI score0.00682EPSS

CVE•added 2017/01/27 10:59 p.m.•65 views

CVE-2017-3250

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish ...

7.5CVSS7AI score0.00713EPSS

CVE•added 2016/10/25 2:29 p.m.•63 views

CVE-2016-5519

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces.

8.8CVSS7.4AI score0.01101EPSS

CVE•added 2017/10/19 5:29 p.m.•62 views

CVE-2017-10385

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Se...

6.8CVSS5.6AI score0.0039EPSS

CVE•added 2017/10/19 5:29 p.m.•62 views

CVE-2017-10393

6.8CVSS5.8AI score0.00405EPSS

CVE•added 2011/10/18 10:55 p.m.•58 views

CVE-2011-3559

Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container.

7.8CVSS5.8AI score0.00955EPSS

CVE•added 2012/10/16 11:55 p.m.•58 views

CVE-2012-3155

Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.

5CVSS6.3AI score0.0082EPSS

CVE•added 2017/01/27 10:59 p.m.•56 views

CVE-2017-3249

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via LDAP to compromise Oracle GlassFish ...

7.5CVSS7AI score0.0076EPSS

CVE•added 2017/07/17 1:18 p.m.•55 views

CVE-2017-1000030

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.

9.8CVSS9.6AI score0.04204EPSS

CVE•added 2016/07/21 10:15 a.m.•54 views

CVE-2016-5477

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration.

5.8CVSS5AI score0.00348EPSS

CVE•added 2017/01/27 10:59 p.m.•53 views

CVE-2017-3247

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMTP to compromise Oracle GlassFish Serv...

4.3CVSS4.6AI score0.00506EPSS

CVE•added 2017/01/27 10:59 p.m.•50 views

CVE-2017-3239

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GlassFish Server...

3.3CVSS4.1AI score0.00036EPSS

CVE•added 2016/07/21 10:14 a.m.•49 views

CVE-2016-3608

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration.

5.8CVSS5AI score0.00348EPSS

CVE•added 2012/01/18 10:55 p.m.•47 views

CVE-2012-0104

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect availability via unknown vectors related to Web Container.

5CVSS5.9AI score0.0041EPSS

CVE•added 2008/06/18 7:41 p.m.•45 views

CVE-2008-2751

Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.1_01 allow remote attackers to inject arbitrary web script or HTML via the (1) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, (2)...

4.3CVSS5.7AI score0.00478EPSS

CVE•added 2013/04/17 12:14 p.m.•41 views

CVE-2013-1508

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Middleware Products 3.0.1 and 3.1.2 allows remote attackers to affect integrity via vectors related to REST Interface.

4.3CVSS5.8AI score0.00165EPSS

CVE•added 2011/01/19 5:0 p.m.•37 views

CVE-2010-4438

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service (JMS).

5.7CVSS5.6AI score0.00132EPSS