Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.0-M1, 3.0.0, 3.0-beta-1
    • Fix Version/s: 3.0.1
    • Component/s: core
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      A misconfigured RMI classloader in Apache Geronimo 3.0 may enable an attacker to send a serialized object via JMX that could compromise the system.

        Activity

          People

          • Assignee:
            Jarek Gawor
            Reporter:
            Jarek Gawor
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development