9 matches found
EUVD-2013-6254
Malware in sbrugna...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Framework Kit 2.5.0 security update
An update for the seam-remoting component of Red Hat JBoss Web Framework Kit 2.5.0 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CV...
Input validation
The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods on the server classpath via...
Xxe
Multiple XML External Entity XXE vulnerabilities in the 1 ExecutionHandler, 2 PollHandler, and 3 SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have oth...
CVE-2013-6447
Multiple XML External Entity XXE vulnerabilities in the 1 ExecutionHandler, 2 PollHandler, and 3 SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have oth...
CVE-2013-6447
The CVE-2013-6447 issue affects Red Hat JBoss Web Framework Kit 2.4.0, where the seam-remoting components (ExecutionHandler, PollHandler, SubscriptionHandler) unmarshalled untrusted XML and processed external entities, enabling an attacker to read files on the server. Red Hat’s advisory RHSA-2014...
Seam: Information disclosure in remoting
The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods on the server classpath via...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Framework Kit 2.4.0 update
An update for the seam-remoting component of Red Hat JBoss Web Framework Kit 2.4.0 that fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...
Seam: XML eXternal Entity (XXE) flaw in remoting
Multiple XML External Entity XXE vulnerabilities in the 1 ExecutionHandler, 2 PollHandler, and 3 SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have oth...