[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-3491

Date: (C)2010-10-26   (M)2017-08-18 


The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance Manager before 1.3.2 do not properly handle JMX connections, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECUNIA-41891
BID-44254
ADV-2010-2747
http://www.tibco.com/multimedia/activematrix_advisory_tcm8-12488.txt
http://www.tibco.com/services/support/advisories/activematrix-advisory_20101019.jsp
tibco-jmx-code-execution(62674)

CWE    1
CWE-20

© 2013 SecPod Technologies