PT-2010-4925 · Oracle+2 · Oracle Communications Messaging Server+2

Published

2010-10-13

Updated

2017-09-19

CVE-2010-3564

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Oracle Communications Messaging Server (Sun Java System Messaging Server) version 7.0

Description The issue affects confidentiality and integrity, and it is related to Webmail. Details about the vulnerability are not fully disclosed, but it may involve improper checking of AP-REQ requests in the Kerberos implementation, potentially leading to a denial of service in the JVM.

Recommendations For Oracle Communications Messaging Server (Sun Java System Messaging Server) version 7.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-3564

HPSBUX02608

RHSA-2010:0768

RHSA-2010:0865

RHSA-2010_0768

RHSA-2010_0865

Affected Products

Hp-Ux

Oracle Communications Messaging Server

Red Hat

PT-2010-4925 · Oracle+2 · Oracle Communications Messaging Server+2

CVE-2010-3564

Related Identifiers

Affected Products

References · 105