9 matches found
EUVD-2012-4478
Malware in sbrugna...
SUSE CVE-2012-1167
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to...
JBoss Enterprise Application Platform安全绕过漏洞
CVE ID:CVE-2012-4550 JBOSS是一个基于J2EE的开放源代码的应用服务器。 当使用基于角色的授权用于Enterprise Java Beans EJB访问时,必须使用JACC权限来判断访问;但是存在一个安全漏洞没有调用配置的授权模块JACC, XACML等,使得JACC权限没有用来判断EJB访问,允许远程攻击者获得对EJB的未授权访问。 0 JBoss Enterprise Application Platform 即JBoss EAP或JBEAP 6.0.1之前版本 厂商解决方案 JBoss Enterprise Application Platform...
Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update
JBoss Enterprise Application Platform 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...
JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to...
JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to...
JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to...
JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to...
JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to...