8 matches found
Input validation
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers...
CVE-2014-3464
CVE-2014-3464 affects Red Hat JBossWS used in JBoss EAP 6.2.0 and 6.3.0. The EJB invocation handler fails to enforce method-level restrictions for outbound messages, allowing remote authenticated users to access restricted JAX-WS handlers via permissions to the EJB class. This stems from an incom...
RHEL 5 : JBoss EAP (RHSA-2013:1784)
An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...
CVE-2013-2133
The CVE-2013-2133 issue affects Red Hat JBossWS within JBoss EAP older than 6.2.0. The EJB invocation handler for JAX-WS Service endpoints fails to enforce method-level restrictions, allowing remote authenticated users to access handlers that should be restricted due to permissions on the EJB cla...
RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.2.0 update (Low) (RHSA-2013:1786)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1786 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The HawtJNI Library...
Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update
Updated Red Hat JBoss Enterprise Application Platform 6.2.0 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common...
Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update
Updated Red Hat JBoss Enterprise Application Platform 6.2.0 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...
Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update
An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...