CVE-2010-2397 - Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassF

CVE-2010-2397

Summary

Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.

References

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Vulnerable Configurations

cpe:2.3:a:oracle:java_system_application_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:java_system_application_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:java_system_application_server:8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:java_system_application_server:8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:java_system_application_server:8.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:java_system_application_server:8.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*

CVSS

Base:	2.4 (as of 23-10-2012 - 03:25)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	HIGH	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:L/AC:H/Au:S/C:P/I:P/A:N

refmap via4

confirm

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Last major update

23-10-2012 - 03:25

Published

13-07-2010 - 22:30

Last modified

23-10-2012 - 03:25