CVE-2014-3518
Red Hat JBoss Enterprise Application Platform 5.2.0 - Remote Code Execution via JMX Remoting
Title source: llmDescription
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to execute arbitrary code via unspecified vectors.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0887.html
Scores
EPSS
0.0261
EPSS Percentile
83.5%
Details
CWE
CWE-94
Status
published
Products (4)
redhat/jboss_enterprise_application_platform
5.2.0
redhat/jboss_enterprise_brms_platform
5.3.1
redhat/jboss_enterprise_portal_platform
5.2.2
redhat/jboss_enterprise_soa_platform
5.3.1
Published
Jul 22, 2014
Tracked Since
Feb 18, 2026