EUVD-2012-4478

Malware in sbrugna...

EUVD-2006-2433

Malware in sbrugna...

Access Restriction Bypass

JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the...

CVE-2012-4550

JBoss Enterprise Application Platform aka JBoss EAP or JBEAP before 6.0.1, when using role-based authorization for Enterprise Java Beans EJB access, does not call the intended authorization modules, which prevents JACC permissions from being applied and allows remote attackers to obtain access to...

JBoss Enterprise Application Platform安全绕过漏洞

CVE ID:CVE-2012-4550 JBOSS是一个基于J2EE的开放源代码的应用服务器。 当使用基于角色的授权用于Enterprise Java Beans EJB访问时，必须使用JACC权限来判断访问；但是存在一个安全漏洞没有调用配置的授权模块JACC, XACML等，使得JACC权限没有用来判断EJB访问，允许远程攻击者获得对EJB的未授权访问。 0 JBoss Enterprise Application Platform 即JBoss EAP或JBEAP 6.0.1之前版本 厂商解决方案 JBoss Enterprise Application Platform...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

JBoss Enterprise Application Platform 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

Code injection

IBM WebSphere Application Server 5.0.2 or any earlier cumulative fix and 5.1.1 or any earlier cumulative fix allows EJB access on Solaris systems via a crafted LTPA token...

CVE-2006-2432

IBM WebSphere Application Server 5.0.2 or any earlier cumulative fix and 5.1.1 or any earlier cumulative fix allows EJB access on Solaris systems via a crafted LTPA token...

CVE-2006-2432

IBM WebSphere Application Server 5.0.2 or any earlier cumulative fix and 5.1.1 or any earlier cumulative fix allows EJB access on Solaris systems via a crafted LTPA token...