CVE-2011-4358

EUVD-2011-4288
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
oraclesun_glassfish_enterprise_server
3.0.1
oraclesun_glassfish_enterprise_server
3.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mojarra
bookworm
2.2.8-6
fixed
bullseye
2.2.8-6
fixed
sid
2.2.8-6
fixed
trixie
2.2.8-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mojarra
hardy
dne
lucid
dne
maverick
Fixed 2.0.3-1+squeeze1build0.10.10.1
released
natty
Fixed 2.0.3-1+squeeze1build0.11.04.1
released
oneiric
Fixed 2.0.3-1+squeeze1build0.11.10.1
released
References
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.securitytracker.com/id?1027277
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.securitytracker.com/id?1027277