CVE-2011-4610 – JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary
https://notcve.org/view.php?id=CVE-2011-4610
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer." JBoss Web, utilizado en Red Hat JBoss Communications Platform anterior a 5.1.3, Enterprise Web Platform anterior a 5.1.2, Enterprise Application Platform anterior a 5.1.2 y otros productos, permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de vectores relacionados con un UTF-8 manipulado y un "caracter de par subrogado" que está "en el límite de un buffer interno." • http://rhn.redhat.com/errata/RHSA-2012-0074.html http://rhn.redhat.com/errata/RHSA-2012-0075.html http://rhn.redhat.com/errata/RHSA-2012-0076.html http://rhn.redhat.com/errata/RHSA-2012-0077.html http://rhn.redhat.com/errata/RHSA-2012-0078.html http://rhn.redhat.com/errata/RHSA-2012-0325.html http://www.osvdb.org/78775 http://www.securityfocus.com/bid/51829 https://bugzilla.redhat.com/show_bug.cgi?id=767871 https://access.redhat.com/security/cve/CVE-201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-4608 – mod_cluster: malicious worker nodes can register on any vhost
https://notcve.org/view.php?id=CVE-2011-4608
mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from an external vhost that does not enforce security constraints. mod_cluster en JBoss Enterprise Application Platform v5.1.2 de Red Hat Linux permite a los nodos inscribirse en hosts virtuales de su elección, lo que permite a atacantes remotos evitar las restricciones de acceso y ofrecer contenido malicioso, secuestrar sesiones y robar las credenciales registrando un vhost externo que no imponga restricciones de seguridad. • http://www.redhat.com/support/errata/RHSA-2012-0035.html http://www.redhat.com/support/errata/RHSA-2012-0036.html http://www.redhat.com/support/errata/RHSA-2012-0037.html http://www.redhat.com/support/errata/RHSA-2012-0038.html http://www.redhat.com/support/errata/RHSA-2012-0039.html http://www.redhat.com/support/errata/RHSA-2012-0040.html http://www.securityfocus.com/bid/51554 http://www.securitytracker.com/id?1026545 https://bugzilla.redhat.com/show_bug.cgi?id=7 • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •
CVE-2011-4314 – extension): MITM due to improper validation of AX attribute signatures
https://notcve.org/view.php?id=CVE-2011-4314
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack. message/ax/AxMessage.java en OpenID4Java antes v0.9.6 final, tal y como se utiliza en JBoss Enterprise Application Platform v5.1 antes de v5.1.2, Step2, Kay Framework antes de la versión v1.0.2, y posiblemente otros productos no verifica que la información de intercambio de atributos (Attribute Exchange - AX) ha sido firmada, lo que permite a atacantes remotos modificar la información AX potencialmente sensible sin ser detectado a través de un ataque "Man-in-the-middle" (MITM). • http://openid.net/2011/05/05/attribute-exchange-security-alert http://rhn.redhat.com/errata/RHSA-2012-0441.html http://rhn.redhat.com/errata/RHSA-2012-0519.html http://secunia.com/advisories/44496 http://secunia.com/advisories/48697 http://secunia.com/advisories/48954 http://securitytracker.com/id?1026400 http://www.openwall.com/lists/oss-security/2011/11/16/1 http://www.openwall.com/lists/oss-security/2011/11/17/1 http://www.redhat.com/support/errata/RHSA-2 • CWE-20: Improper Input Validation •