Vulnerabilities > CVE-2010-4438 - Local Security vulnerability in Oracle Glassfish Server and Java System Message Queue
Attack vector
LOCAL Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
COMPLETE Summary
Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service (JMS).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_127411.NASL description Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 This plugin has been deprecated and either replaced with individual 127411 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 71651 published 2013-12-28 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=71651 title Solaris 10 (sparc) : 127411-16 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_127413.NASL description Message Queue 4.1 Update 4 Patch 6_x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 This plugin has been deprecated and either replaced with individual 127413 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 71698 published 2013-12-28 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=71698 title Solaris 10 (x86) : 127413-16 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS10_127411-16.NASL description Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 last seen 2020-06-01 modified 2020-06-02 plugin id 107460 published 2018-03-12 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107460 title Solaris 10 (sparc) : 127411-16 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_127413-16.NASL description Message Queue 4.1 Update 4 Patch 6_x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 last seen 2020-06-01 modified 2020-06-02 plugin id 107960 published 2018-03-12 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107960 title Solaris 10 (x86) : 127413-16 NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_127413.NASL description Message Queue 4.1 Update 4 Patch 6_x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 last seen 2020-06-01 modified 2020-06-02 plugin id 71748 published 2013-12-28 reporter This script is Copyright (C) 2013-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/71748 title Solaris 9 (x86) : 127413-16 NASL family Solaris Local Security Checks NASL id SOLARIS9_127411.NASL description Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 last seen 2020-06-01 modified 2020-06-02 plugin id 71741 published 2013-12-28 reporter This script is Copyright (C) 2013-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/71741 title Solaris 9 (sparc) : 127411-16
References
- http://osvdb.org/70572
- http://osvdb.org/70573
- http://secunia.com/advisories/42988
- http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
- http://www.securityfocus.com/bid/45890
- http://www.vupen.com/english/advisories/2011/0155
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64813