Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2011:1312
HistorySep 15, 2011 - 3:08 p.m.

(RHSA-2011:1312) Important: jbossws-common security update

2011-09-1515:08:30
access.redhat.com
19

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

82.8%

JSON

JBoss Web Services Native is a web service framework included as part of
JBoss Enterprise Application Platform. It implements the JAX-WS
specification.

It was found that JBoss Web Services Native did not properly protect
against recursive entity resolution when processing Document Type
Definitions (DTD). A remote attacker could exploit this flaw by sending a
specially-crafted HTTP POST request to a deployed web service, causing
excessive CPU and memory consumption on the system hosting that service. If
the attack is repeated to consume all available network sockets, the server
will become unavailable. (CVE-2011-1483)

All users of JBoss Enterprise Application Platform 4.3 as provided from the
Red Hat Customer Portal are advised to install this update.

Related

redhat 5
veracode 1
nessus 3
osv 1
prion 1
cve 1
github 1
securityvulns 2
redhat
redhat
(RHSA-2011:1302) Important: jbossws-common security update
2011-09-15 13:48:42
(RHSA-2011:1301) Important: jbossws-common security update
2011-09-15 00:00:00
(RHSA-2011:1310) Important: jbossws security update
2011-09-15 14:36:38
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:03:01
nessus
nessus
RHEL 4 / 5 : jbossws-common (RHSA-2011:1306)
2013-01-24 00:00:00
RHEL 4 / 5 : jbossas (RHSA-2011:1309)
2013-01-24 00:00:00
RHEL 4 / 5 / 6 : jbossws-common (RHSA-2011:1301)
2013-01-24 00:00:00
osv
osv
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
prion
prion
Input validation
2013-07-29 13:59:00
cve
cve
CVE-2011-1483
2013-07-29 13:59:00
github
github
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
securityvulns
securityvulns
[security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code
2013-07-29 00:00:00
HP Network Node Manager multiple security vulnerabilities
2013-07-29 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

82.8%

JSON
Related for RHSA-2011:1312
redhat5veracode1nessus3osv1prion1cve1github1securityvulns2