(Oracle Issues Fix for BEA JRockit) Java Runtime Environment (JRE) JMX Function Lets Remote Users Perform Unspecified Operations
|
|
SecurityTracker Alert ID: 1020741 |
|
SecurityTracker URL: http://securitytracker.com/id/1020741
|
|
CVE Reference:
CVE-2008-3103
(Links to External Site)
|
Date: Aug 25 2008
|
Impact:
User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): R27.6.0 and prior versions
|
Description:
A vulnerability was reported in Java Runtime Environment (JRE) in the Java Management Extensions capability. A remote user can perform certain functions on the target system. BEA JRockit is affected.
A remote user with a Java Management Extensions (JMX) management agent client can perform unauthorized operations on a target system that is running JMX with local monitoring enabled.
SDK and JRE 1.4.x and 1.3.x are not affected.
|
Impact:
A remote user can perform unspecified operations on the target system.
|
Solution:
Oracle has issued a fix for BEA JRockit, which is affected by this Java vulnerability.
The Oracle advisory is available at:
https://support.bea.com/application_content/product_portlets/securityadvisories/2794.html
|
Cause:
Not specified
|
Underlying OS:
Linux (Any), UNIX (Solaris - SunOS), Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Mon, 25 Aug 2008 18:37:20 -0400
Subject: [none]
|
http://support.bea.com/application_content/product_portlets/securityadvisories/2794.html
CVE-2008-3103
|
|
