Oracle GlassFish/System Application Server Web Container DOS Vulnerability Network Vulnerability

Summary

The host is running GlassFish/System Application Server and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow malicious attackers to cause a denial of service. Impact Level: Application

Solution

Apply the security updates. http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html ***** NOTE: Ignore this warning, if above mentioned patch is manually applied. *****

Insight

The flaw is due to an unspecified error within the Web Container component, which allows remote users to cause denial of service conditions.

Affected

Oracle GlassFish version 2.1.1, 3.0.1 and 3.1.1 Oracle Java System Application Server version 8.1 and 8.2

References

http://secunia.com/advisories/46523
http://secunia.com/advisories/46524
http://www.securitytracker.com/id?1026222
http://xforce.iss.net/xforce/xfdb/70816

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3559
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

cfengine AuthenticationDialogue vulnerability
Apple iTunes Malformed .mov File Buffer Overflow Vulnerability
Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
7-Zip Unspecified Archive Handling Vulnerability (Linux)
Apache 'mod_deflate' Denial Of Service Vulnerability - July09

Take action and discover your vulnerabilities