[GERONIMO-6477] Misconfigured RMI classloader - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.0-M1, 3.0.0, 3.0-beta-1
Fix Version/s: 3.0.1
Component/s: core
Security Level: public (Regular issues)
Labels:
None

Description

A misconfigured RMI classloader in Apache Geronimo 3.0 may enable an attacker to send a serialized object via JMX that could compromise the system.

Attachments

Activity

People

Assignee:: Jarek Gawor

Reporter:: Jarek Gawor

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 01/Jul/13 16:03

Updated:: 01/Jul/13 16:06

Resolved:: 01/Jul/13 16:06