Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   Sun GlassFish Enterprise Server Vendors:   Oracle, Sun
Sun GlassFish Enterprise Server Web Container Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1026222
SecurityTracker URL:
CVE Reference:   CVE-2011-3559   (Links to External Site)
Date:  Oct 19 2011
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.1.1, 3.0.1, 3.1.1
Description:   A vulnerability was reported in Sun GlassFish Enterprise Server. A remote user can cause denial of service conditions.

The Web Container component is affected.

The Glassfish Communications Server and Sun Java System Application Server products are also affected.

The following researchers reported these and other Oracle vulnerabilities:

Esteban Martinez Fayo of Application Security, Inc.; Guy Karlebach of Imperva, Inc.; Joonas Kuorilehto and Juho Juopperi; Martin Rakhmanov of Application Security, Inc.; Michael Schmidt of Compass Security; Moritz Jodeit; Ofer Maor formerly of Hacktics; Pavel Polischouk of TELUS Security Labs; Recx ApexSec; and Steven Seeley of Corelan Team.

Impact:   A remote user can cause denial of service conditions.
Solution:   The vendor has issued a fix, described in their October 2011 Critical Patch Update advisory.

The vendor's advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Not specified
Underlying OS:  UNIX (Solaris - SunOS)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, LLC