3 matches found
CVE-2016-4459
CVE-2016-4459 is a stack-based buffer overflow in mod_cluster 1.2.9, specifically in native/mod_manager/node.c. The root cause is a stack-based overflow, leading to memory corruption that can cause a crash and impact availability (as reflected by CVSS) without affecting confidentiality or integri...
CVE-2015-0298
Summary: CVE-2015-0298 is an XSS vulnerability in the mod_cluster manager web interface, exploitable via a crafted MCMP message. Affected component: mod_cluster (manager web interface) prior to version 1.3.2.Alpha1. Impact: remote attacker can inject arbitrary HTML/script. Root cause: cross-site ...
CVE-2012-1154
CVE-2012-1154 concerns mod_cluster, where a regression in JBoss Enterprise Web Platform 5.1.2 causes the server root context to be registered and exposed by default when ROOT is in the excludedContexts list. This allows remote attackers to bypass access restrictions and access applications deploy...