Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0845

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0845
Last Modified 21 Aug 2010 12:16:48
Published 17 Nov 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0845

Summary

Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.

Vulnerable Systems


References

BID - 8773

BUGTRAQ - 20031005 JBoss 3.2.1: Remote Command Injection

REDHAT - RHSA-2007:1048

CONFIRM - http://sourceforge.net/docman/display_doc.php?docid=19314&group_id=22866

SECUNIA - 27914

BUGTRAQ - 20031006 Update JBoss 308 & 321: Remote Command Injection


Last Updated: 27 May 2016 10:38:05