[Secure-testing-team] Bug#692035: CVE-2012-3155: vulnerability in the CORBA ORB component
Helmut Grohne
helmut at subdivi.de
Thu Nov 1 14:21:03 UTC 2012
Package: src:glassfish
Version: 1:2.1.1-b31g-3
Severity: serious
Tags: security
Dear glassfish maintainers,
Please determine whether and how glassfish as present in Debian is
affected by CVE-2012-3155. Please adjust the severity of this bug
accordingly.
| Unspecified vulnerability in the CORBA ORB component in Sun GlassFish
| Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and
| Sun Java System Application Server 8.1 and 8.2 allows remote attackers
| to affect availability, related to CORBA ORB.
Oracle mentions it on this page:
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Ubuntu has classified the issue medium and affected thus far:
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3155.html
Neither Red Hat nor Gentoo track the issue at the time of this writing.
Helmut
More information about the Secure-testing-team
mailing list