Lucene search
K

18 matches found

Veracode
Veracode
added 2019/05/02 4:46 a.m.55 views

Privilege Escalation

An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...

5.9CVSS7AI score0.15561EPSS
Exploits7References36Affected Software63
Veracode
Veracode
added 2019/05/02 4:46 a.m.64 views

Information Disclosure

An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...

5.9CVSS7AI score0.15561EPSS
Exploits7References42Affected Software63
Veracode
Veracode
added 2019/05/02 4:46 a.m.52 views

Information Disclosure

An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...

5.9CVSS7AI score0.15561EPSS
Exploits7References36Affected Software63
seebug.org
seebug.org
added 2016/11/29 12:0 a.m.25 views

Red Hat JBoss EAP - Deserialization of Untrusted Data

1.Abstract. JBoss EAP's JMX Invoker Servlet is exposed by default on port 8080/TCP. The communication employs serialized Java objects, encapsulated in HTTP requests and responses. The server deserializes these objects without checking the object type. This behavior can be exploited to cause a...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2016/11/28 12:0 a.m.42 views

Red Hat JBoss EAP - Deserialization of Untrusted Data

Red Hat JBoss EAP - Deserialization of Untrusted Data Security Advisory @ Mediaservice.net Srl 05, 23/11/2016 Data Security Division Title: Red Hat JBoss EAP deserialization of untrusted data Application: JBoss EAP 5.2.X and prior versions Description: The application server deserializes untruste...

6.5CVSS0.6AI score0.12471EPSS
Exploits3
Exploit DB
Exploit DB
added 2016/11/28 12:0 a.m.218 views

Red Hat JBoss EAP - Deserialization of Untrusted Data

Security Advisory @ Mediaservice.net Srl 05, 23/11/2016 Data Security Division Title: Red Hat JBoss EAP deserialization of untrusted data Application: JBoss EAP 5.2.X and prior versions Description: The application server deserializes untrusted data via the JMX Invoker Servlet. This can lead to a...

8.8CVSS8.8AI score0.12471EPSS
Exploits3
exploitpack
exploitpack
added 2015/03/30 12:0 a.m.23 views

JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution

JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution / JBoss JMXInvokerServlet Remote Command Execution JMXInvoker.java v0.3 - Luca Carettoni @ikki This code exploits a common misconfiguration in JBoss Application Server 4.x, 5.x, .... Whenever the JMX Invoker is exposed with the...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/03/30 12:0 a.m.33 views

JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution

/ JBoss JMXInvokerServlet Remote Command Execution JMXInvoker.java v0.3 - Luca Carettoni @ikki This code exploits a common misconfiguration in JBoss Application Server 4.x, 5.x, .... Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation" serialized...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.62 views

RHEL 4 : JBoss EWP (RHSA-2013:0197)

Updated JBoss Enterprise Web Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

10CVSS7.8AI score0.15561EPSS
Exploits7References30
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)

No description provided by source. require 'msf/core' class Metasploit4 Msf::Exploit::Remote Rank = ExcellentRanking HttpFingerprint = :pattern = /JBoss/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo = superupdateinfoinfo, 'Name' = 'JBoss...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/02/20 9:33 p.m.60 views

Important: Red Hat Security Advisory: JBoss Enterprise SOA Platform 5.3.1 update

JBoss Enterprise SOA Platform 5.3.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...

7.5CVSS7.3AI score0.15561EPSS
Exploits4References13
RedHat Linux
RedHat Linux
added 2013/01/24 7:6 p.m.68 views

Important: Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update

JBoss Enterprise Web Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

10CVSS7.7AI score0.15561EPSS
Exploits6References16
RedHat Linux
RedHat Linux
added 2013/01/24 6:28 p.m.88 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update

Updated JBoss Enterprise Application Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common...

10CVSS7.7AI score0.15561EPSS
Exploits7References17
RedHat Linux
RedHat Linux
added 2013/01/24 6:27 p.m.74 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update

Updated JBoss Enterprise Application Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common...

10CVSS7.7AI score0.15561EPSS
Exploits7References17
RedHat Linux
RedHat Linux
added 2013/01/24 6:27 p.m.5 views

JBoss invoker servlets do not require authentication

The 1 JMXInvokerHAServlet and 2 EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 do not require authentication by default in certain profiles, which might allow...

6.8CVSS6.6AI score0.15561EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/01/24 6:7 p.m.75 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 update

JBoss Enterprise Application Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

10CVSS7.7AI score0.15561EPSS
Exploits6References16
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.76 views

RHEL 6 : JBoss EAP (RHSA-2013:0191)

Updated JBoss Enterprise Application Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common...

10CVSS0.4AI score0.15561EPSS
Exploits7References30
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.52 views

RHEL 4 : JBoss EAP (RHSA-2013:0193)

Updated JBoss Enterprise Application Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common...

10CVSS7.7AI score0.15561EPSS
Exploits7References30
Rows per page
Query Builder