2 matches found
CVE-2011-4358
CVE-2011-4358 affects Oracle GlassFish Server (3.0.1/3.1.1) via a JSF-related expression evaluation flaw that can allow remote attackers to affect confidentiality and integrity. The OpenVAS entry labels this as an Oracle GlassFish Server Expression Evaluation Security Bypass vulnerability (CVSS ~...
CVE-2011-3564
Oracle GlassFish Server 2.1.1 is affected by an unspecified vulnerability in the Administration component that allows local users to affect confidentiality. The issue is documented across multiple feeds (e.g., GlassFish NASL entry CVE-2011-3564) with an explicit remediation: upgrade to GlassFish ...