CVE-2012-3155
https://notcve.org/view.php?id=CVE-2012-3155
Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB. Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, en relación con CORBA ORB. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.securityfocus.com/bid/56073 http://www.securitytracker.com/id?1027676 •
CVE-2012-0551 – Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0551
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment. Vulnerabilidad no especificada en el componente GlassFish Enterprise Server en Oracle Sun Products Suite GlassFish Enterprise Server v3.1.1 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con Web Container. Security-Assessment.com has discovered that components of the Oracle GlassFish Server administrative web interface are vulnerable to both reflected and stored cross site scripting attacks. All pages where cross site scripting vulnerabilities were discovered require authentication. Oracle GlassFish Server version 3.1.1 build 12 is affected. • https://www.exploit-db.com/exploits/18764 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://rhn.redhat.com/errata/RHSA-2013-1456.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com •
CVE-2012-0550 – Oracle GlassFish Server - REST Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2012-0550
Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Container. Vulnerabilidad sin especificar en el componente GlassFish Enterprise Server de Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1. Permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Web Container. Oracle GlassFish Server version 3.1.1 build 12 suffers from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/18766 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html http://www.securitytracker.com/id?1026941 •
CVE-2012-0104
https://notcve.org/view.php?id=CVE-2012-0104
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect availability via unknown vectors related to Web Container. Vulnerabilidad no especificada en Oracle GlassFish Enterprise Server v3.0.1 y v3.1.1 permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relacionados con el contenedor web. • http://osvdb.org/78417 http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html https://exchange.xforce.ibmcloud.com/vulnerabilities/72497 •
CVE-2012-0081
https://notcve.org/view.php?id=CVE-2012-0081
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration. Vulnerabilidad no especificada en Oracle GlassFish Enterprise Server v3.1.1 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad de la información a través de vectores desconocidos relacionados con la Administración. • http://osvdb.org/78415 http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.securityfocus.com/bid/51485 https://exchange.xforce.ibmcloud.com/vulnerabilities/72503 •