Weekly Vulnerabilities Reports > April 26 to May 2, 2010
Overview
2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 1 products from 1 vendors including and Redhat. Vulnerabilities are notably categorized as .
- 2 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities are exploitable by an anonymous user.
- Redhat has the most reported vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|
1 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-04-28 | CVE-2010-1428 | Redhat | Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0 The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method. | 7.5 |
1 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-04-28 | CVE-2010-0738 | Redhat | Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0 The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method. | 5.3 |
0 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|