1
Candidate: CVE-2011-4605
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4605
5
https://rhn.redhat.com/errata/RHSA-2012-1022.html
7
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker
8
servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web
9
Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3
10
CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly
11
restrict write access, which allows remote attackers to add, delete, or
12
modify items in a JNDI tree via unspecified vectors.
17
Discovered-by: Christian Schlüter
21
upstream_jbossas4: needs-triage
22
hardy_jbossas4: ignored (reached end-of-life)
23
lucid_jbossas4: ignored (reached end-of-life)
24
natty_jbossas4: ignored (reached end-of-life)
25
oneiric_jbossas4: ignored (reached end-of-life)
26
precise_jbossas4: ignored (reached end-of-life)
27
precise/esm_jbossas4: DNE (precise was needs-triage)
28
quantal_jbossas4: ignored (reached end-of-life)
29
raring_jbossas4: ignored (reached end-of-life)
30
saucy_jbossas4: ignored (reached end-of-life)
31
trusty_jbossas4: needs-triage
32
utopic_jbossas4: ignored (reached end-of-life)
34
vivid/stable-phone-overlay_jbossas4: DNE
35
vivid/ubuntu-core_jbossas4: DNE