PT-2013-4900 · Red Hat · Red Hat Jboss Soa Platform+3

James Livingston · Published 2013-10-01 · Updated 2013-10-31 · CVE-2013-4210

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Red Hat JBoss Remoting versions 5.3.1 GA and earlier
Red Hat JBoss SOA Platform version 5.3.1 GA
Red Hat Web Platform version 5.2.0
Red Hat Enterprise Application Platform version 5.2.0

Description

The issue allows remote attackers to cause a denial of service, specifically file descriptor consumption, via unspecified vectors. This is related to the org.jboss.remoting.transport.socket.ServerThread class.

Recommendations

For Red Hat JBoss Remoting version 5.3.1 GA and earlier, consider restricting access to the ServerThread class until a patch is available.
For Red Hat JBoss SOA Platform version 5.3.1 GA, update to a version that includes a fix for the issue.
For Red Hat Web Platform version 5.2.0, update to a version that includes a fix for the issue.
For Red Hat Enterprise Application Platform version 5.2.0, update to a version that includes a fix for the issue.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related identifiers

CVE-2013-4210
RHSA-2013:1369
RHSA-2013:1370

Affected products

Red Hat Jboss Enterprise Application Platform
Red Hat Jboss Remoting
Red Hat Jboss Soa Platform
Red Hat Web Platform