7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.109 Low
EPSS
Percentile
95.1%
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.
marc.info/?l=bugtraq&m=106546044416498&w=2
marc.info/?l=bugtraq&m=106547728803252&w=2
secunia.com/advisories/27914
sourceforge.net/docman/display_doc.php?docid=19314&group_id=22866
www.redhat.com/support/errata/RHSA-2007-1048.html
www.securityfocus.com/bid/8773
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11300