CVE Reference: CVE-2010-0738

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-0738

Description:
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/58147

ST
  1023918

SREASON
  http://securityreason.com/securityalert/8408

SAID
  Secunia Advisory: SA39563

REDHAT

HP
  http://marc.info/?l=bugtraq&m=132129312609324&w=2

CONFIRM
  http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35

BID
  39710


Return to the previous page.