26 matches found
Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update
Updated JBoss Enterprise Application Platform 6.1.0 packages that fix three security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...
JBoss: custom authorization module implementations shared between applications
Red Hat JBoss Enterprise Application Platform EAP before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control...
Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update
Updated JBoss Enterprise Application Platform 6.1.0 packages that fix three security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...
JBoss: custom authorization module implementations shared between applications
Red Hat JBoss Enterprise Application Platform EAP before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control...
JBoss: custom authorization module implementations shared between applications
Red Hat JBoss Enterprise Application Platform EAP before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control...
Trend micro - IWSVA/IWSS - Authorization module password leak
There is possbile get username and password from "Proxy-Authorization" header, which is not correctly removed when authorization header sends WMP. Requirements: - IWSVA/IWSS basic authorization on - Client is using WMP 8-11 as video player - Standalone proxy if upstream proxy is used,...