Privilege Escalation

An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update

JBoss Enterprise Application Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

CVE-2012-2379

CVE-2012-2379 is tied to Apache CXF in the 2.4.x/2.5.x/2.6.x lines where a Supporting Token with a child WS-SecurityPolicy 1.1/1.2 policy may fail to ensure an XML element is signed or encrypted. The F5 advisory repository lists this CVE among multiple CXF/JBoss issues, reiterating the same under...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

JBoss Enterprise Application Platform 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

Important: Red Hat Security Advisory: JBoss Enterprise BRMS Platform 5.3.1 update

JBoss Enterprise BRMS Platform 5.3.1, which fixes one security issue, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS ba...

Fedora Update for cxf FEDORA-2012-15329

Check for the Version of cxf OpenVAS Vulnerability Test Fedora Update for cxf FEDORA-2012-15329 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora 17 : cxf-2.4.9-2.fc17 (2012-15329)

Place depmap fragments in subpackages - Add parent of parent POM file - Update to latest release - CVE-2012-2379, RHBZ846247 - CVE-2012-2378, RHBZ846242 - CVE-2012-3451, RHBZ858781 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

Fedora 18 : cxf-2.4.9-2.fc18 (2012-15293)

Place depmap fragments in subpackages - Add parent of parent POM file - Update to latest release - CVE-2012-2379, RHBZ846247 - CVE-2012-2378, RHBZ846242 - CVE-2012-3451, RHBZ858781 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

Apache CXF Failed Element Verification(CVE-2012-2379)

No description provided by source. CVE-2012-2379: Apache CXF does not verify that elements were signed or encrypted by a particular Supporting Token. Severity: Important Vendor: The Apache Software Foundation Versions Affected: This vulnerability affects all released versions of Apache CXF...