Important: Red Hat Security Advisory: Red Hat Fuse 7.3.1 security update

A micro version update from 7.3 to 7.3.1 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

Security Bulletin: A vulnerability in Open Source BeanShell has been addressed by IBM Kenexa LMS (CVE-2016-2510)

Summary A vulnerability in Open Source BeanShell has been addressed by LMS Vulnerability Details CVEID: CVE-2016-2510 DESCRIPTION: BeanShell could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data using Java serialization or XStream. ...

Security Bulletin: A vulnerability in Open Source BeanShell has been addressed by IBM Kenexa LCMS Premier (CVE-2016-2510)

Summary A vulnerability in Open Source BeanShell has been addressed by LCMS Premier Vulnerability Details CVEID: CVE-2016-2510 DESCRIPTION: BeanShell could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data using Java serialization or...

Security Bulletin: Vulnerability in BeanShell affects IBM Emptoris Strategic Supply Management. (CVE-2016-2510).

Summary A BeanShell vulnerability for handling Java object deserialization was addressed by IBM Emptoris Strategic Supply Management Platform, IBM Contract Management and IBM Program Management products. Vulnerability Details CVEID: CVE-2016-2510 DESCRIPTION: BeanShell could allow a remote attack...

Important: Red Hat Security Advisory: Red Hat JBoss Fuse 6.3 security update

Red Hat JBoss Fuse 6.3, which fixes multiple security issues and includes several bug fixes and enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

CVE-2016-2510

BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...

CVE-2016-2510

BeanShell bsh before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler...

CVE-2016-2510

CVE-2016-2510 is BeanShell deserialization vulnerability: when BeanShell is on the classpath with Java serialization or XStream, crafted serialized data can lead to remote code execution via XThis.Handler. Public docs confirm impact across IBM Emptoris/Contract Management/Program Management suite...

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.2.2 update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.2.2 update

An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

openSUSE Security Update : bsh2 (openSUSE-2016-370)

This update for bsh2 fixes the following issues : - Version update to 2.0b6 boo967593 CVE-2016-2510 - Upstream developement moved to github - No obvious changelog apart from the above %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Security update for bsh2 (important)

This update for bsh2 fixes the following issues: - Version update to 2.0b6 boo967593 CVE-2016-2510 Upstream developement moved to github No obvious changelog apart from the above...

openSUSE: Security Advisory for bsh2 (openSUSE-SU-2016:0788-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : bsh2 (openSUSE-2016-351)

This update for bsh2 fixes the following issues : - CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if another part of the application uses Java serialization or XStream to deserialize data from an untrusted source. Please see...

Security update for bsh2 (important)

This update for bsh2 fixes the following issues: - CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if another part of the application uses Java serialization or XStream to deserialize data from an untrusted source. Please see...

SUSE-SU-2016:0699-1 Security update for bsh2

This update for bsh2 fixes the following issue: - CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if another part of the application uses Java serialization or XStream to deserialize data from an untrusted source. Please see...

SUSE-SU-2016:0700-1 Security update for bsh2

This update for bsh2 fixes the following issues: - CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if another part of the application uses Java serialization or XStream to deserialize data from an untrusted source. Please see...

Debian: Security Advisory (DSA-3504-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3504-1 : bsh - security update

Alvaro Munoz and Christian Schneider discovered that BeanShell, an embeddable Java source interpreter, could be leveraged to execute arbitrary commands: applications including BeanShell in their classpath are vulnerable to this flaw if they deserialize data from an untrusted source. %NASLMINLEVEL...

[SECURITY] [DSA 3504-1] bsh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3504-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 04, 2016 https://www.debian.org/security/faq -...