logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2018:2664) Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update

Description

Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas. This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2. Security Fix(es): * Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource. (CVE-2018-12533) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.


Affected Package


OS OS Version Package Name Package Version
RedHat 5 richfaces 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces-ui 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces-framework 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces-docs 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces-cdk 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces-demo 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 5 richfaces-root 3.3.1-7.SP3_patch_02.ep5.el5
RedHat 6 richfaces-root 3.3.1-4.SP3_patch_02.ep5.el6_10
RedHat 6 richfaces 3.3.1-4.SP3_patch_02.ep5.el6_10
RedHat 6 richfaces-framework 3.3.1-4.SP3_patch_02.ep5.el6_10
RedHat 6 richfaces 3.3.1-4.SP3_patch_02.ep5.el6_10
RedHat 6 richfaces-ui 3.3.1-4.SP3_patch_02.ep5.el6_10
RedHat 6 richfaces-demo 3.3.1-4.SP3_patch_02.ep5.el6_10

Related