Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle GlassFish Server 2.1.1 / 3.0.1 / 3.1.2 Multiple Vulnerabilities (October 2013 CPU)

Medium

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

Oracle GlassFish versions 2.1.1, 3.0.1, and 3.1.2 are affected by the following vulnerabilities :/n/n - The Java Server Faces is prone to multiple directory traversal vulnerabilities/n - The Metro component is affected by a remote security vulnerability which can be exploited via SOAP/n - The Metro component is also affected by a potential DoS condition which can be exploited via SOAP/n

Solution

Upgrade to GlassFish Server 2.1.1.22 / 3.0.1.8 / 3.1.2.7 or later.