Vulnerability-Lookup

CVE-2012-3155 (GCVE-0-2012-3155)

Vulnerability from cvelistv5 – Published: 2012-10-16 23:00 – Updated: 2024-08-06 19:57

Summary

Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.

Severity ?

No CVSS data available.

CWE

Assigner

oracle

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/56073	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id?1027676	vdb-entryx_refsource_SECTRACK
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA

Date Public ?

2012-10-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:57:49.846Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "name": "56073",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/56073"
          },
          {
            "name": "1027676",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027676"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-02-07T10:00:00.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
        },
        {
          "name": "56073",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/56073"
        },
        {
          "name": "1027676",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027676"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-3155",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "56073",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/56073"
            },
            {
              "name": "1027676",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027676"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-3155",
    "datePublished": "2012-10-16T23:00:00.000Z",
    "dateReserved": "2012-06-06T00:00:00.000Z",
    "dateUpdated": "2024-08-06T19:57:49.846Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2012-3155",
      "date": "2026-05-04",
      "epss": "0.00605",
      "percentile": "0.69664"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E80F5AC-A2EF-4D8A-AE8F-5DD0FF9B48C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A56AAEB5-E5A5-44A4-8B82-0C465122F2C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C8196D0-06A9-4A0B-8864-AA8E8CF2DDB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_application_server:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"721D0068-2664-4E92-9D96-9007F2120450\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:java_system_application_server:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E37E6C23-C834-40EE-BC54-48D11DBCEC0E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, en relaci\\u00f3n con CORBA ORB.\"}]",
      "id": "CVE-2012-3155",
      "lastModified": "2024-11-21T01:40:18.990",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2012-10-16T23:55:03.963",
      "references": "[{\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/56073\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.securitytracker.com/id?1027676\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/56073\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1027676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-3155\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2012-10-16T23:55:03.963\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, en relaci\u00f3n con CORBA ORB.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E80F5AC-A2EF-4D8A-AE8F-5DD0FF9B48C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56AAEB5-E5A5-44A4-8B82-0C465122F2C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C8196D0-06A9-4A0B-8864-AA8E8CF2DDB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_application_server:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"721D0068-2664-4E92-9D96-9007F2120450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:java_system_application_server:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37E6C23-C834-40EE-BC54-48D11DBCEC0E\"}]}]}],\"references\":[{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56073\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.securitytracker.com/id?1027676\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1027676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-R833-7WJ9-95JQ

Vulnerability from github – Published: 2022-05-17 05:02 – Updated: 2022-05-17 05:02

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-3155"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-10-16T23:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.",
  "id": "GHSA-r833-7wj9-95jq",
  "modified": "2022-05-17T05:02:19Z",
  "published": "2022-05-17T05:02:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3155"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/56073"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027676"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2012-AVI-586

Vulnerability from certfr_avis - Published: - Updated:

Dix-huit vulnérabilités ont été corrigées dans Oracle Sun Products Suite. Elles concernent des dénis de services à distance, des atteintes à l'intégrité des données, des atteintes à la confidentialité des données et des élévations de privilèges

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Solaris 8, 9, 10, 11
Oracle	N/A	Sun Java System Application Server 8.1
Oracle	N/A	Oracle GlassFish Server 3.1.2
Oracle	N/A	Sun Java System Application Server 8.2
Oracle	N/A	SPARC T3, Netra SPARC T3, SPARC T4, Netra SPARC T4
Oracle	N/A	Oracle GlassFish Server 3.0.1
Oracle	N/A	Sun GlassFish Enterprise Server 2.1.1

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle 16 octobre 2012	None	vendor-advisory
Bulletin de sécurité Oracle cpuoct2012-1515893 du 16 octobre 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Solaris 8, 9, 10, 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java System Application Server 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GlassFish Server 3.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java System Application Server 8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "SPARC T3, Netra SPARC T3, SPARC T4, Netra SPARC T4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GlassFish Server 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun GlassFish Enterprise Server 2.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3209"
    },
    {
      "name": "CVE-2012-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3199"
    },
    {
      "name": "CVE-2012-3206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3206"
    },
    {
      "name": "CVE-2012-5095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5095"
    },
    {
      "name": "CVE-2012-3204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3204"
    },
    {
      "name": "CVE-2012-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3189"
    },
    {
      "name": "CVE-2012-3208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3208"
    },
    {
      "name": "CVE-2012-3155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3155"
    },
    {
      "name": "CVE-2012-3211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3211"
    },
    {
      "name": "CVE-2012-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3215"
    },
    {
      "name": "CVE-2012-3205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3205"
    },
    {
      "name": "CVE-2012-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3212"
    },
    {
      "name": "CVE-2012-3165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3165"
    },
    {
      "name": "CVE-2012-3210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3210"
    },
    {
      "name": "CVE-2012-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0217"
    },
    {
      "name": "CVE-2012-3187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3187"
    },
    {
      "name": "CVE-2012-3207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3207"
    },
    {
      "name": "CVE-2012-3203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3203"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2012-1515893 du 16    octobre 2012 :",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    }
  ],
  "reference": "CERTA-2012-AVI-586",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Dix-huit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Sun Products Suite\u003c/span\u003e. Elles concernent des\nd\u00e9nis de services \u00e0 distance, des atteintes \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es,\ndes atteintes \u00e0 la confidentialit\u00e9 des donn\u00e9es et des \u00e9l\u00e9vations de\nprivil\u00e8ges\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle 16 octobre 2012",
      "url": null
    }
  ]
}

CERTA-2012-AVI-586

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Solaris 8, 9, 10, 11
Oracle	N/A	Sun Java System Application Server 8.1
Oracle	N/A	Oracle GlassFish Server 3.1.2
Oracle	N/A	Sun Java System Application Server 8.2
Oracle	N/A	SPARC T3, Netra SPARC T3, SPARC T4, Netra SPARC T4
Oracle	N/A	Oracle GlassFish Server 3.0.1
Oracle	N/A	Sun GlassFish Enterprise Server 2.1.1

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle 16 octobre 2012	None	vendor-advisory
Bulletin de sécurité Oracle cpuoct2012-1515893 du 16 octobre 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Solaris 8, 9, 10, 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java System Application Server 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GlassFish Server 3.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun Java System Application Server 8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "SPARC T3, Netra SPARC T3, SPARC T4, Netra SPARC T4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle GlassFish Server 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun GlassFish Enterprise Server 2.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3209"
    },
    {
      "name": "CVE-2012-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3199"
    },
    {
      "name": "CVE-2012-3206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3206"
    },
    {
      "name": "CVE-2012-5095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5095"
    },
    {
      "name": "CVE-2012-3204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3204"
    },
    {
      "name": "CVE-2012-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3189"
    },
    {
      "name": "CVE-2012-3208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3208"
    },
    {
      "name": "CVE-2012-3155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3155"
    },
    {
      "name": "CVE-2012-3211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3211"
    },
    {
      "name": "CVE-2012-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3215"
    },
    {
      "name": "CVE-2012-3205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3205"
    },
    {
      "name": "CVE-2012-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3212"
    },
    {
      "name": "CVE-2012-3165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3165"
    },
    {
      "name": "CVE-2012-3210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3210"
    },
    {
      "name": "CVE-2012-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0217"
    },
    {
      "name": "CVE-2012-3187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3187"
    },
    {
      "name": "CVE-2012-3207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3207"
    },
    {
      "name": "CVE-2012-3203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3203"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2012-1515893 du 16    octobre 2012 :",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    }
  ],
  "reference": "CERTA-2012-AVI-586",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Dix-huit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Sun Products Suite\u003c/span\u003e. Elles concernent des\nd\u00e9nis de services \u00e0 distance, des atteintes \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es,\ndes atteintes \u00e0 la confidentialit\u00e9 des donn\u00e9es et des \u00e9l\u00e9vations de\nprivil\u00e8ges\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle 16 octobre 2012",
      "url": null
    }
  ]
}

FKIE_CVE-2012-3155

Vulnerability from fkie_nvd - Published: 2012-10-16 23:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

References

URL	Tags
secalert_us@oracle.com	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/56073
secalert_us@oracle.com	http://www.securitytracker.com/id?1027676
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/56073
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027676

Impacted products

Vendor	Product	Version
oracle	glassfish_server	2.1.1
oracle	glassfish_server	3.0.1
oracle	glassfish_server	3.1.2
sun	java_system_application_server	8.1
sun	java_system_application_server	8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E80F5AC-A2EF-4D8A-AE8F-5DD0FF9B48C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56AAEB5-E5A5-44A4-8B82-0C465122F2C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C8196D0-06A9-4A0B-8864-AA8E8CF2DDB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_application_server:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "721D0068-2664-4E92-9D96-9007F2120450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_application_server:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E37E6C23-C834-40EE-BC54-48D11DBCEC0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, en relaci\u00f3n con CORBA ORB."
    }
  ],
  "id": "CVE-2012-3155",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-10-16T23:55:03.963",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securityfocus.com/bid/56073"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id?1027676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/56073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027676"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2012-3155

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-3155

Aliases

CVE-2012-3155

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-3155",
    "description": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.",
    "id": "GSD-2012-3155",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-3155.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-3155"
      ],
      "details": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.",
      "id": "GSD-2012-3155",
      "modified": "2023-12-13T01:20:20.479950Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2012-3155",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "name": "56073",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/56073"
          },
          {
            "name": "1027676",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1027676"
          },
          {
            "name": "MDVSA-2013:150",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:java_system_application_server:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:java_system_application_server:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-3155"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "56073",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/56073"
            },
            {
              "name": "1027676",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1027676"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-10-11T03:44Z",
      "publishedDate": "2012-10-16T23:55Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-3155 (GCVE-0-2012-3155)

GHSA-R833-7WJ9-95JQ

CERTA-2012-AVI-586

Solution

CERTA-2012-AVI-586

Solution

FKIE_CVE-2012-3155

GSD-2012-3155

Tags

Sightings

Nomenclature