CVE-2014-3518
Summary
| CVE | CVE-2014-3518 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-07-22 20:55:00 UTC |
| Updated | 2014-07-23 13:14:00 UTC |
| Description | jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to execute arbitrary code via unspecified vectors. |
Risk And Classification
Problem Types: CWE-94
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Jboss Enterprise Application Platform | 5.2.0 | All | All | All |
| Application | Redhat | Jboss Enterprise Application Platform | 5.2.0 | All | All | All |
| Application | Redhat | Jboss Enterprise Brms Platform | 5.3.1 | All | All | All |
| Application | Redhat | Jboss Enterprise Brms Platform | 5.3.1 | All | All | All |
| Application | Redhat | Jboss Enterprise Portal Platform | 5.2.2 | All | All | All |
| Application | Redhat | Jboss Enterprise Portal Platform | 5.2.2 | All | All | All |
| Application | Redhat | Jboss Enterprise Soa Platform | 5.3.1 | All | All | All |
| Application | Redhat | Jboss Enterprise Soa Platform | 5.3.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.