15 matches found
Security Bulletin: Potential security vulnerability in WebSphere Application Server CVE-2013-1768 PM86780
Abstract Potential security vulnerability in WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-1768 PM86780, PM86786, PM86788 and PM86791 DESCRIPTION: Deserialization of a maliciously crafted OpenJPA object can result in an executable file being written to the file syste...
br.net.woodstock.rockframework:rockframework-domain (>=1.2.4 <=2.0.8), br.net.woodstock.rockframework:rockframework-persistence (>=2.0.0 <=2.0.8) +422 more potentially affected by CVE-2013-1768 via org.apache.openjpa:openjpa (>=2.0.0 <=2.2.1)
org.apache.openjpa:openjpa MAVEN version =2.0.0, =1.2.4, =2.0.0, =1.0.0, =1.0.0, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =18.0.0.3, =1.0.0, =0.20, =0.20, =2.1.0-rc.3 and more Source cves: CVE-2013-1768 Source advisory: OSV:GHSA-J65F-MVGW-PRP2...
Mageia: Security Advisory (MGASA-2013-0292)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: OpenJPA as used in IBM QRadar SIEM is vulnerable to remote code execution. (CVE-2013-1768)
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2013-1768 DESCRIPTION: Deserialization of a maliciously crafted OpenJPA object can result in an executable file being written to...
Mandriva Linux Security Advisory : openjpa (MDVSA-2013:246)
Updated openjpa packages fix security vulnerability : The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...
MGASA-2013-0292 Updated openjpa packages fix CVE-2013-1768
Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...
Updated openjpa packages fix CVE-2013-1768
Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse 6.0.0 patch 2
Red Hat JBoss Fuse 6.0.0 patch 2, which fixes several security issues and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Fedora Update for openjpa FEDORA-2013-12967
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for openjpa FEDORA-2013-12960
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 17 : openjpa-2.2.0-3.fc17 (2013-12967)
fix for CVE-2013-1768 rhbz984034,984040. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora 18 : openjpa-2.2.0-3.fc18 (2013-12960)
fix for CVE-2013-1768 rhbz984034,984040 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora 19 : openjpa-2.2.1-6.fc19 (2013-12948)
fix for CVE-2013-1768 rhbz984034,984040. fix ant.d script. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2013-1768
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...
CVE-2013-1768
CVE-2013-1768 involves deserialization of a malicious OpenJPA object; IBM bulletins note the embedded OpenJPA code is present in WebSphere Application Server but is not exploitable by WAS itself. Affected WAS versions ship the vulnerable OpenJPA code (not exploitable) and IBM provides fixes via A...