CVE-2014-3464

The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers...

CVE-2014-3464

CVE-2014-3464 affects Red Hat JBossWS used in JBoss EAP 6.2.0 and 6.3.0. The EJB invocation handler fails to enforce method-level restrictions for outbound messages, allowing remote authenticated users to access restricted JAX-WS handlers via permissions to the EJB class. This stems from an incom...

RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.2.0 update (Low) (RHSA-2013:1786)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1786 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The HawtJNI Library...

Low: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.2.0 update

Updated Red Hat JBoss Enterprise Application Platform 6.2.0 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...