PT-2003-1912 · Red Hat+1 · Jboss+2

Marc Schoenefeld · Published 2003-10-09 · Updated 2020-03-24 · CVE-2003-0845

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

JBoss versions 3.0.8 and 3.2.1

Description

The issue concerns an unknown vulnerability in the HSQLDB component of JBoss, which can be exploited by remote attackers to conduct unauthorized activities and possibly execute arbitrary code. This is achieved by sending certain SQL statements to specific TCP ports, namely port 1701 in JBoss 3.2.1 and port 1476 in JBoss 3.0.8.

Recommendations

For JBoss version 3.0.8, consider restricting access to port 1476 to minimize the risk of exploitation. For JBoss version 3.2.1, consider restricting access to port 1701 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2003-0845
RHSA-2007:1048
RHSA-2007_1048

Affected Products

Hsqldb
Jboss
Red Hat