5

CVE-2010-1429

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string.  NOTE: this issue exists because of a CVE-2008-3273 regression.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatJboss Enterprise Application Platform Updatecp08 Version <= 4.2.0
RedhatJboss Enterprise Application Platform Updatecp07 Version <= 4.3.0
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp01
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp02
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp03
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp04
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp05
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp06
RedhatJboss Enterprise Application Platform Version4.2.0 Updatecp07
RedhatJboss Enterprise Application Platform Version4.3.0 Updatecp01
RedhatJboss Enterprise Application Platform Version4.3.0 Updatecp02
RedhatJboss Enterprise Application Platform Version4.3.0 Updatecp03
RedhatJboss Enterprise Application Platform Version4.3.0 Updatecp04
RedhatJboss Enterprise Application Platform Version4.3.0 Updatecp05
RedhatJboss Enterprise Application Platform Version4.3.0 Updatecp06
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 53.73% 0.989
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=132698550418872&w=2
http://secunia.com/advisories/39563
Vendor Advisory
http://securitytracker.com/id?1023918
http://www.securityfocus.com/bid/39710
http://www.vupen.com/english/advisories/2010/0992
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2010-0376.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2010-0377.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2010-0378.html
Vendor Advisory
https://rhn.redhat.com/errata/RHSA-2010-0379.html
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=585900
https://exchange.xforce.ibmcloud.com/vulnerabilities/58149
https://www.exploit-db.com/exploits/44009/