PT-2010-5385 · Red Hat · Jboss-Remoting+1

Published: 2010-12-30 · Updated: 2023-02-13 · CVE-2010-4265

CVSS v2.0: 2.6 (Low)

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) versions 4.3 through 4.3.0.CP09
JBoss Remoting versions 2.2.x through 2.2.3.SP3
JBoss Remoting versions 2.5.x through 2.5.3.SP1

Description

The issue allows remote attackers to cause a denial of service by establishing a bisocket control connection TCP session and then not sending any application data. This is related to a missing patch.

Recommendations

For Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) versions 4.3 through 4.3.0.CP09, update to a version that includes the missing patch.
For JBoss Remoting versions 2.2.x through 2.2.3.SP3, update to version 2.2.3.SP4 or later.
For JBoss Remoting versions 2.5.x through 2.5.3.SP1, update to version 2.5.3.SP2 or later.

Fix

Related Identifiers

CVE-2010-4265
RHSA-2010:0964

Affected Products

Jboss-Remoting
Red Hat Jboss Enterprise Application Platform