Arbitrary code execution in RichFaces

Description

JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.


Affected Software


CPE Name Name Version
org.richfaces:richfaces-core 4.5.0.Alpha3
org.richfaces:richfaces-core 4.5.0.Beta1
org.richfaces:richfaces-core 4.5.0.Beta2
org.richfaces:richfaces-core 4.5.0.CR1
org.richfaces:richfaces-core 4.5.0.CR2
org.richfaces:richfaces-core 4.5.0.Final
org.richfaces:richfaces-core 4.5.1.Final
org.richfaces:richfaces-core 4.5.10.Final
org.richfaces:richfaces-core 4.5.11.Final
org.richfaces:richfaces-core 4.5.12.Final
org.richfaces:richfaces-core 4.5.13.Final
org.richfaces:richfaces-core 4.5.14.Final
org.richfaces:richfaces-core 4.5.15.Final
org.richfaces:richfaces-core 4.5.16.Final
org.richfaces:richfaces-core 4.5.17.Final
org.richfaces:richfaces-core 4.5.2.Final
org.richfaces:richfaces-core 4.5.3.Final
org.richfaces:richfaces-core 4.5.4.Final
org.richfaces:richfaces-core 4.5.5.Final
org.richfaces:richfaces-core 4.5.6.Final
org.richfaces:richfaces-core 4.5.7.Final
org.richfaces:richfaces-core 4.5.8.Final
org.richfaces:richfaces-core 4.5.9.Final