Page 30 of 166 results (0.018 seconds)

CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0

CVE-2011-4610 – JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary

https://notcve.org/view.php?id=CVE-2011-4610

JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer." JBoss Web, utilizado en Red Hat JBoss Communications Platform anterior a 5.1.3, Enterprise Web Platform anterior a 5.1.2, Enterprise Application Platform anterior a 5.1.2 y otros productos, permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de vectores relacionados con un UTF-8 manipulado y un "caracter de par subrogado" que está "en el límite de un buffer interno." • http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat.com/errata/RHSA-2012-0077.html http://rhn.redhat.com/errata/RHSA-2012-0078.html http://rhn.redhat.com/errata/RHSA-2012-0325.html http://www.osvdb.org/78775 http://www.securityfocus.com/bid/51829 https://bugzilla.redhat.com/show_bug.cgi?id=767871 https://access.redhat.com/security/cve/CVE-201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2011-4608 – mod_cluster: malicious worker nodes can register on any vhost

https://notcve.org/view.php?id=CVE-2011-4608

mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from an external vhost that does not enforce security constraints. mod_cluster en JBoss Enterprise Application Platform v5.1.2 de Red Hat Linux permite a los nodos inscribirse en hosts virtuales de su elección, lo que permite a atacantes remotos evitar las restricciones de acceso y ofrecer contenido malicioso, secuestrar sesiones y robar las credenciales registrando un vhost externo que no imponga restricciones de seguridad. • http://www.redhat.com/support/errata/RHSA-2012-0035.html http://www.redhat.com/support/errata/RHSA-2012-0036.html http://www.redhat.com/support/errata/RHSA-2012-0037.html http://www.redhat.com/support/errata/RHSA-2012-0038.html http://www.redhat.com/support/errata/RHSA-2012-0039.html http://www.redhat.com/support/errata/RHSA-2012-0040.html http://www.securityfocus.com/bid/51554 http://www.securitytracker.com/id?1026545 https://bugzilla.redhat.com/show_bug.cgi?id=7 • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •

CVSS: 5.8EPSS: 0%CPEs: 14EXPL: 0

CVE-2011-4314 – extension): MITM due to improper validation of AX attribute signatures

https://notcve.org/view.php?id=CVE-2011-4314

message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack. message/ax/AxMessage.java en OpenID4Java antes v0.9.6 final, tal y como se utiliza en JBoss Enterprise Application Platform v5.1 antes de v5.1.2, Step2, Kay Framework antes de la versión v1.0.2, y posiblemente otros productos no verifica que la información de intercambio de atributos (Attribute Exchange - AX) ha sido firmada, lo que permite a atacantes remotos modificar la información AX potencialmente sensible sin ser detectado a través de un ataque "Man-in-the-middle" (MITM). • http://openid.net/2011/05/05/attribute-exchange-security-alert http://rhn.redhat.com/errata/RHSA-2012-0441.html http://rhn.redhat.com/errata/RHSA-2012-0519.html http://secunia.com/advisories/44496 http://secunia.com/advisories/48697 http://secunia.com/advisories/48954 http://securitytracker.com/id?1026400 http://www.openwall.com/lists/oss-security/2011/11/16/1 http://www.openwall.com/lists/oss-security/2011/11/17/1 http://www.redhat.com/support/errata/RHSA-2 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 2%CPEs: 26EXPL: 0

CVE-2011-4085 – Invoker servlets authentication bypass (HTTP verb tampering)

https://notcve.org/view.php?id=CVE-2011-4085

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by sending a request with a different method. NOTE: this vulnerability exists because of a CVE-2010-0738 regression. Los servlets invocados por httpha-invoker en JBoss Enterprise Application Platform anterior a v5.1.2, SOA Platform anterior a v5.2.0, BRMS Platform anterior a v5.3.0, y Portal Platform anterior a v4.3 CP07 lleva a cabo el control de acceso sólo para los métodos GET y POST, lo que permite a atacantes remotos evitar la autenticación mediante el envío de una solicitud con un método diferente. NOTA: esta vulnerabilidad se debe a CVE-2010-0738 • http://rhn.redhat.com/errata/RHSA-2011-1456.html http://rhn.redhat.com/errata/RHSA-2011-1798.html http://rhn.redhat.com/errata/RHSA-2011-1799.html http://rhn.redhat.com/errata/RHSA-2011-1800.html http://rhn.redhat.com/errata/RHSA-2011-1805.html http://rhn.redhat.com/errata/RHSA-2011-1822.html http://rhn.redhat.com/errata/RHSA-2012-0091.html http://rhn.redhat.com/errata/RHSA-2012-1028.html http://secunia.com/advisories/47169 http://secunia.com/advisories • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 1%CPEs: 17EXPL: 0

CVE-2011-1483 – JBossWS remote Denial of Service

https://notcve.org/view.php?id=CVE-2011-1483

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564. wsf/common/DOMUtils.java en JBossWS Native en Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, y 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 y 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, y 5.1.0; JBoss Communications Platform 1.2.11 y 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; y JBoss Enterprise Web Platform 5.1.1, no manejan adecuadamente la recursividad durante la expansión de una entidad, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y CPU) a través de una petición manipulada que contiene un documento XML una declaración DOCTYPE y un gran número de referencias a entidades anidadas. Similar cuestión que el CVE-2003-1564. • http://source.jboss.org/changelog/JBossWS/?cs=13996 https://bugzilla.redhat.com/show_bug.cgi?id=692584 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03824583 https://access.redhat.com/security/cve/CVE-2011-1483 •