22 matches found
EUVD-2011-1110
Malware in sbrugna...
IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple Vulnerabilities
Binary data 9699.prm...
IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities
IBM WebSphere Application Server 8.0 prior to Fix Pack 9 is running on the remote host. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacke...
IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities
IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running on the remote host. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote...
Important: Red Hat Security Advisory: JBoss Web Services security update
An update for the JBoss Web Services component in JBoss Enterprise SOA Platform 4.3 CP05 and JBoss Enterprise Portal Platform 4.3 CP07 which fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
Input validation
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
CVE-2011-1096
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
CVE-2011-1096
CVE-2011-1096 affects the W3C XML Encryption usage in the JBoss Web Services CXF stack (jbossws-cxf) within JBoss Enterprise Portal Platform before 5.2.2 and other products. The root cause is CBC-mode block ciphers enabling a chosen-ciphertext attack on SOAP responses, allowing an attacker to rec...
PT-2012-1508 · Red Hat · Jboss Enterprise Portal Platform +1
Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Portal Platform versions prior to 5.2.2 Description: The issue allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses. This is related to the use of block ciphers in cipher-block...