Vigil@nce - Sun GlassFish: vulnerability of JMS
January 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can send a message to Java Message
Service, in order to obtain information, to alter information, or
to create a denial of service.
Severity: 2/4
Creation date: 19/01/2011
IMPACTED PRODUCTS
– Oracle GlassFish Enterprise Server
DESCRIPTION OF THE VULNERABILITY
The JMS (Java Message Service) service is used by applications to
exchange information. The Sun GlassFish Enterprise Server and Sun
Java System Message Queue products use it.
An authenticated attacker can send a message to Java Message
Service, in order to obtain information, to alter information, or
to create a denial of service.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Sun-GlassFish-vulnerability-of-JMS-10282