6 matches found
EUVD-2013-2100
Malware in sbrugna...
EUVD-2014-3476
Malware in sbrugna...
CVE-2014-3464
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers...
Input validation
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers...
CVE-2014-3464
CVE-2014-3464 affects Red Hat JBossWS used in JBoss EAP 6.2.0 and 6.3.0. The EJB invocation handler fails to enforce method-level restrictions for outbound messages, allowing remote authenticated users to access restricted JAX-WS handlers via permissions to the EJB class. This stems from an incom...
Input validation
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform EAP before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS...