{
  "threat_severity" : "Moderate",
  "public_date" : "2013-09-30T00:00:00Z",
  "bugzilla" : {
    "description" : "Remoting: DoS by file descriptor exhaustion",
    "id" : "994321",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=994321"
  },
  "cvss" : {
    "cvss_base_score" : "5.0",
    "cvss_scoring_vector" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "status" : "verified"
  },
  "details" : [ "The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors." ],
  "acknowledgement" : "This issue was discovered by James Livingston (Red Hat Support Engineering Group).",
  "affected_release" : [ {
    "product_name" : "JBEWP 5 for RHEL 5",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1370",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_platform:5::el5",
    "package" : "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el5"
  }, {
    "product_name" : "JBEWP 5 for RHEL 6",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1370",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_platform:5::el6",
    "package" : "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el6"
  }, {
    "product_name" : "JBoss Enterprise BRMS Platform 5.3",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1373",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:5.3.1"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 5.2",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1371",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5.2.0"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 5 for RHEL 4",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1369",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5::el4",
    "package" : "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el4"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 5 for RHEL 5",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1369",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5::el5",
    "package" : "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el5"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 5 for RHEL 6",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1369",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5::el6",
    "package" : "jboss-remoting-0:2.5.4-11.SP4_patch01.ep5.el6"
  }, {
    "product_name" : "Red Hat JBoss Operations Network 3.1",
    "release_date" : "2013-10-21T00:00:00Z",
    "advisory" : "RHSA-2013:1448",
    "cpe" : "cpe:/a:redhat:jboss_operations_network:3.1.2"
  }, {
    "product_name" : "Red Hat JBoss SOA Platform 5.3",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1374",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_soa_platform:5.3.1"
  }, {
    "product_name" : "Red Hat JBoss Web Platform 5.2",
    "release_date" : "2013-09-30T00:00:00Z",
    "advisory" : "RHSA-2013:1372",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_platform:5.2.0"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat JBoss BRMS 5",
    "fix_state" : "Affected",
    "package_name" : "remoting",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:5"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 4",
    "fix_state" : "Will not fix",
    "package_name" : "remoting",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:4"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform 6",
    "fix_state" : "Not affected",
    "package_name" : "remoting",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6"
  }, {
    "product_name" : "Red Hat JBoss Operations Network 3",
    "fix_state" : "Affected",
    "package_name" : "remoting",
    "cpe" : "cpe:/a:redhat:jboss_operations_network:3"
  }, {
    "product_name" : "Red Hat JBoss Portal 5",
    "fix_state" : "Will not fix",
    "package_name" : "remoting",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_portal_platform:5"
  }, {
    "product_name" : "Red Hat JBoss SOA Platform 5",
    "fix_state" : "Affected",
    "package_name" : "remoting",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_soa_platform:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-4210\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4210" ],
  "name" : "CVE-2013-4210",
  "csaw" : false
}