SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   BEA JRockit Vendors:   Oracle
(Oracle Issues Fix for BEA JRockit) Java Runtime Environment (JRE) JMX Function Lets Remote Users Perform Unspecified Operations
SecurityTracker Alert ID:  1020741
SecurityTracker URL:  http://securitytracker.com/id/1020741
CVE Reference:   CVE-2008-3103   (Links to External Site)
Date:  Aug 25 2008
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): R27.6.0 and prior versions
Description:   A vulnerability was reported in Java Runtime Environment (JRE) in the Java Management Extensions capability. A remote user can perform certain functions on the target system. BEA JRockit is affected.

A remote user with a Java Management Extensions (JMX) management agent client can perform unauthorized operations on a target system that is running JMX with local monitoring enabled.

SDK and JRE 1.4.x and 1.3.x are not affected.

Impact:   A remote user can perform unspecified operations on the target system.
Solution:   Oracle has issued a fix for BEA JRockit, which is affected by this Java vulnerability.

The Oracle advisory is available at:

https://support.bea.com/application_content/product_portlets/securityadvisories/2794.html

Cause:   Not specified
Underlying OS:  Linux (Any), UNIX (Solaris - SunOS), Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Jul 10 2008 Java Runtime Environment (JRE) JMX Function Lets Remote Users Perform Unspecified Operations



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC