CVE-2012-3155

NameCVE-2012-3155
DescriptionUnspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium (attack range: remote)
Debian Bugs692035

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
glassfish (PTS)jessie1:2.1.1-b31g+dfsg1-2vulnerable
stretch1:2.1.1-b31g+dfsg1-4vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
glassfishsource(unstable)(unfixed)medium692035
glassfishsourcejessie(unfixed)end-of-life
glassfishsourcewheezy(unfixed)end-of-life

Notes

[stretch] - glassfish <ignored> (Only used a build dep, specific details withheld)
Oracle doesn't provide any useful public information to fix the package without importing a new upstream version.

Search for package or bug name: Reporting problems