Lucene search
K

8 matches found

Prion
Prion
added 2014/08/19 6:55 p.m.22 views

Input validation

The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers...

5.5CVSS6.4AI score0.01809EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/08/19 6:0 p.m.63 views

CVE-2014-3464

CVE-2014-3464 affects Red Hat JBossWS used in JBoss EAP 6.2.0 and 6.3.0. The EJB invocation handler fails to enforce method-level restrictions for outbound messages, allowing remote authenticated users to access restricted JAX-WS handlers via permissions to the EJB class. This stems from an incom...

5.5CVSS8.9AI score0.01087EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/01/10 12:0 a.m.67 views

RHEL 5 : JBoss EAP (RHSA-2013:1784)

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...

5.5CVSS7.1AI score0.01809EPSS
Exploits1References5
CVE
CVE
added 2013/12/06 5:0 p.m.81 views

CVE-2013-2133

The CVE-2013-2133 issue affects Red Hat JBossWS within JBoss EAP older than 6.2.0. The EJB invocation handler for JAX-WS Service endpoints fails to enforce method-level restrictions, allowing remote authenticated users to access handlers that should be restricted due to permissions on the EJB cla...

5.5CVSS8.8AI score0.01809EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/12/05 12:0 a.m.35 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.2.0 update (Low) (RHSA-2013:1786)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1786 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The HawtJNI Library...

5.5CVSS7.2AI score0.01809EPSS
Exploits1References51
RedHat Linux
RedHat Linux
added 2013/12/04 6:0 p.m.49 views

Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update

Updated Red Hat JBoss Enterprise Application Platform 6.2.0 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common...

5.5CVSS7AI score0.01809EPSS
Exploits1References47
RedHat Linux
RedHat Linux
added 2013/12/04 5:58 p.m.36 views

Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update

Updated Red Hat JBoss Enterprise Application Platform 6.2.0 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...

5.5CVSS7AI score0.01809EPSS
Exploits1References46
RedHat Linux
RedHat Linux
added 2013/12/04 5:16 p.m.38 views

Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having low security impact. Common...

5.5CVSS7AI score0.01809EPSS
Exploits1References5
Rows per page
Query Builder