CVE-2010-4438

Published: Jan 19, 2011Modified: Apr 29, 2026

5.7

Vector

AV:L/AC:L/Au:S/C:P/I:P/A:C

Exploitability: 3.1 / Impact: 8.5

Source: NVD

Description

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service (JMS).

Affected (4)

Products: Oracle: Glassfish Server, Java System Message Queue

Oracle

2 products

Glassfish Server

Java System Message Queue

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Oracle Glassfish Server	Version 2.1.1
Oracle Glassfish Server	Version 2.1
Oracle Glassfish Server	Version 3.0.1
Oracle Java System Message Queue	Version 4.1

References (14)

http://osvdb.org/70572

Source: secalert_us@oracle.com

http://osvdb.org/70573

Source: secalert_us@oracle.com

http://secunia.com/advisories/42988

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/bid/45890

Source: secalert_us@oracle.com

http://www.vupen.com/english/advisories/2011/0155

Source: secalert_us@oracle.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/64813

Source: secalert_us@oracle.com

http://osvdb.org/70572