Lucene search
K

4 matches found

CVE
CVE
added 2014/04/10 2:0 p.m.71 views

CVE-2013-6468

CVE-2013-6468 affects JBoss Drools and Red Hat JBoss BRMS/BPM Suite prior to 6.0.1. The flaw allows remote authenticated users to execute arbitrary Java code via MVFLEX (MVEL) or Drools expressions, caused by unsafe expression handling. Red Hat advisories RHSA-2014:0371/0372 document the fix in B...

6.5CVSS9.3AI score0.01968EPSS
Exploits1References4Affected Software3
seebug.org
seebug.org
added 2014/04/10 12:0 a.m.95 views

Drools任意代码执行漏洞

Bugtraq ID:66659 CVE ID:CVE-2013-6468 Drools具有一个易于访问企业策略、易于调整以及易于管理的开源业务规则引擎,符合业内标准,速度快、效率高。 Drools存在一个安全漏洞,允许远程通过验证的攻击者在MVEL或者Drools表达式中提交任意Java代码,可以应用服务安全上下文执行任意代码。 0 Drools 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: https://rhn.redhat.com/errata/RHSA-2014-0371.html...

6.5CVSS9.2AI score0.01968EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2014/04/03 9:30 p.m.57 views

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.1 update

Red Hat JBoss BRMS 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...

9.8CVSS7.8AI score0.84362EPSS
Exploits10References9
RedHat Linux
RedHat Linux
added 2014/04/03 9:19 p.m.39 views

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.1 update

Red Hat JBoss BPM Suite 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

9.8CVSS7.8AI score0.84362EPSS
Exploits10References10
Rows per page
Query Builder