CVE-2010-1429

EPSS 27.36% · P96 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-1429

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat JBoss Enterprise Application Platform 权限许可和访问控制问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Red Hat JBoss Enterprise Application Platform（EAP）是美国红帽（Red Hat）公司的一套开源的、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。 Red Hat JBoss Enterprise Application Platform 4.2版本至4.2.0.CP09之前版本、4.3版本至4.3.0.CP08之前版本存在权限许可和访问控制问题漏洞。攻击者利用该漏洞可以访问敏感信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-1429

#	POC Description	Source Link	Shenlong Link
1	Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2010/CVE-2010-1429.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-1429

Please Login to view more intelligence information

https://bugzilla.redhat.com/show_bug.cgi?id=585900x_refsource_CONFIRM
https://www.exploit-db.com/exploits/44009/exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/39563third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/39710vdb-entryx_refsource_BID
http://securitytracker.com/id?1023918vdb-entryx_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=132698550418872&w=2vendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2010/0992vdb-entryx_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2010-0376.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2010-0379.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2010-0378.htmlvendor-advisoryx_refsource_REDHAT
https://rhn.redhat.com/errata/RHSA-2010-0377.htmlvendor-advisoryx_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/58149vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2010-1429

Same Patch Batch · n/a · 2010-04-28 · 18 CVEs total

CVE-2010-1596		SITracke Support Incident Tracker授权问题漏洞
CVE-2010-1587		Apache ActiveMQ URL请求源码泄露漏洞
CVE-2010-1586		HP系统管理主页RedirectUrl参数URI重新定向漏洞
CVE-2010-1585		Mozilla Firefox/Thunderbird/SeaMonkey nsIScriptableUnescapeHTML.parseFragment方法输入验证漏洞
CVE-2010-1428		Red Hat JBoss企业应用平台多个漏洞
CVE-2010-1038		HP Systems Insight Manager 未明权限提升漏洞
CVE-2010-1037		HP Systems Insight Manager 未明跨站请求伪造漏洞
CVE-2010-1036		HP Systems Insight Manager 未明跨站脚本攻击漏洞
CVE-2010-0738		Red Hat JBoss Enterprise Application Platform 权限许可和访问控制问题漏洞
CVE-2010-1588		Vpasp Rocksalt International VP-ASP Shopping Cart 'shopsessionsubs.asp' Getwebsess函数SQL注入漏
CVE-2010-1595		OCS Inventory NG 'ocsreports/index.php'多个SQL注入漏洞
CVE-2010-1594		OCS Inventory NG 'ocsreports/index.php'多个跨站脚本攻击漏洞
CVE-2010-1593		SilverStripe 多个跨站脚本攻击漏洞
CVE-2010-1592		SiSoftware Sandra 'sandra.sys'输入验证漏洞
CVE-2010-1591		Rising-Global瑞星杀毒软件IOCTL请求处理本地权限提升漏洞
CVE-2010-1590		Vpasp Rocksalt International VP-ASP Shopping Cart 'shopsessionsubs.asp'跨站脚本攻击漏洞
CVE-2010-1589		Vpasp Rocksalt International VP-ASP Shopping Cart 'shopsessionsubs.asp'目录遍历漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2010-1429

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2010-1429

I. Basic Information for CVE-2010-1429

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2010-1429

III. Intelligence Information for CVE-2010-1429

Same Patch Batch · n/a · 2010-04-28 · 18 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2010-1429

Leave a comment