8 matches found
EUVD-2014-0286
Malware in sbrugna...
Remote Code Execution (RCE)
jboss-seam2 is vulnerable to remote code execution RCE attacks. The vulnerability exists as org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform JBEAP 5.2.0, and JBoss Enterprise Web Platform JBEWP 5.2.0 allows remote attackers to...
CVE-2014-0248
org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform JBEAP 5.2.0, and JBoss Enterprise Web Platform JBEWP 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging...
Authentication flaw
org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform JBEAP 5.2.0, and JBoss Enterprise Web Platform JBEWP 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging...
PT-2014-3554 · Red Hat · Red Hat Jboss Enterprise Application Platform +2
Name of the Vulnerable Software and Affected Versions: Red Hat JBoss Web Framework Kit version 2.5.0 JBoss Enterprise Application Platform JBEAP version 5.2.0 JBoss Enterprise Web Platform JBEWP version 5.2.0 Description: The issue allows remote attackers to execute arbitrary code via a crafted...
Seam: RCE via unsafe logging in AuthenticationFilter
It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running tha...
Seam: RCE via unsafe logging in AuthenticationFilter
It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running tha...
Seam: RCE via unsafe logging in AuthenticationFilter
It was found that the org.jboss.seam.web.AuthenticationFilter class implementation did not properly use Seam logging. A remote attacker could send specially crafted authentication headers to an application, which could result in arbitrary code execution with the privileges of the user running tha...