CVSS: 9.8EPSS: 1%CPEs: 14EXPL: 0CVE-2016-4999 – Dashbuilder: SQL Injection on data set lookup filters
https://notcve.org/view.php?id=CVE-2016-4999
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI. Vulnerabilidad de inyección SQL en el método getStringParameterSQL en main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java en Dashbuilder en versiones anteriores a 0.6.0.Beta1 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de un filtro de búsqueda de conjunto de datos en (1) Data Set Authoring o (2) Displayer editor UI. A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter. • http://www.securityfocus.com/bid/91795 https://access.redhat.com/errata/RHSA-2016:1428 https://access.redhat.com/errata/RHSA-2016:1429 https://bugzilla.redhat.com/show_bug.cgi?id=1349990 https://github.com/dashbuilder/dashbuilder/commit/8574899e3b6455547b534f570b2330ff772e524b https://issues.jboss.org/browse/DASHBUILDE-113 https://access.redhat.com/security/cve/CVE-2016-4999 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 1%CPEs: 19EXPL: 1CVE-2015-7501 – apache-commons-collections: InvokerTransformer code execution during deserialisation
https://notcve.org/view.php?id=CVE-2015-7501
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x y 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x y 5.x; Enterprise Application Platform 6.x, 5.x y 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x y Red Hat Subscription Asset Manager 1.3 permiten que atacantes remotos ejecuten comandos arbitrarios mediante un objeto Java serializado manipulado. Esto está relacionado con la librería ACC (Apache Commons Collections). It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. • https://github.com/ianxtianxt/CVE-2015-7501 http://rhn.redhat.com/errata/RHSA-2015-2500.html http://rhn.redhat.com/errata/RHSA-2015-2501.html http://rhn.redhat.com/errata/RHSA-2015-2502.html http://rhn.redhat.com/errata/RHSA-2015-2514.html http://rhn.redhat.com/errata/RHSA-2015-2516.html http://rhn.redhat.com/errata/RHSA-2015-2517.html http://rhn.redhat.com/errata/RHSA-2015-2521.html http://rhn.redhat.com/errata/RHSA-2015-2522.html http://rhn.redhat. • CWE-284: Improper Access Control CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 4%CPEs: 5EXPL: 1CVE-2015-0250 – batik: XML External Entity (XXE) injection in SVG parsing
https://notcve.org/view.php?id=CVE-2015-0250
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file. Vulnerabilidad de entidad externa XML (XXE) en los gráficos vectoriales redimensionables en las clases de conversión (1) PNG y (2) JPG en Apache Batik 1.x anterior a 1.8 permite a atacantes remotos leer ficheros arbitrarios o causar una denegación de servicio a través de un fichero de gráficos vectoriales redimensionables manipulado. It was found that batik was vulnerable to XML External Entity attacks when parsing SVG files. A remote attacker able to send malicious SVG content to the affected server could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. • http://advisories.mageia.org/MGASA-2015-0138.html http://packetstormsecurity.com/files/130964/Apache-Batik-XXE-Injection.html http://rhn.redhat.com/errata/RHSA-2016-0041.html http://rhn.redhat.com/errata/RHSA-2016-0042.html http://seclists.org/fulldisclosure/2015/Mar/142 http://www-01.ibm.com/support/docview.wss?uid=swg21963275 http://www.debian.org/security/2015/dsa-3205 http://www.mandriva.com/security/advisories?name=MDVSA-2015:203 http://www.securitytracker.com/id/1032781 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 3.6EPSS: 0%CPEs: 2EXPL: 0CVE-2014-0005 – PicketBox/JBossSX: Unauthorized access to and modification of application server configuration and state by application
https://notcve.org/view.php?id=CVE-2014-0005
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application. PicketBox y JBossSX, utilizado en Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 y JBoss BRMS anterior a 6.0.3 roll up patch 2, permite a usuarios remotos autenticados leer y modificar la configuración y estado del servidor de la aplicación mediante el despliegue de una aplicación manipulada. It was identified that PicketBox/JBossSX allowed any deployed application to alter or read the underlying application server configuration and state without any authorization checks. An attacker able to deploy applications could use this flaw to circumvent security constraints applied to other applications deployed on the same system, disclose privileged information, and in certain cases allow arbitrary code execution. • http://rhn.redhat.com/errata/RHSA-2014-0343.html http://rhn.redhat.com/errata/RHSA-2014-0344.html http://rhn.redhat.com/errata/RHSA-2014-0345.html http://rhn.redhat.com/errata/RHSA-2015-0234.html http://rhn.redhat.com/errata/RHSA-2015-0235.html http://rhn.redhat.com/errata/RHSA-2015-0720.html https://access.redhat.com/security/cve/CVE-2014-0005 https://bugzilla.redhat.com/show_bug.cgi?id=1049736 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 0CVE-2013-4210 – Remoting: DoS by file descriptor exhaustion
https://notcve.org/view.php?id=CVE-2013-4210
The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. La clase org.jboss.remoting.transport.socket.ServerThread en Red Hat JBoss Remoting para Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, y otros productos, permite a atacantes remotos causar denegación de servicio (consumo de descriptores de fichero) a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2013-1369.html http://rhn.redhat.com/errata/RHSA-2013-1370.html http://rhn.redhat.com/errata/RHSA-2013-1371.html http://rhn.redhat.com/errata/RHSA-2013-1372.html http://rhn.redhat.com/errata/RHSA-2013-1373.html http://rhn.redhat.com/errata/RHSA-2013-1374.html http://rhn.redhat.com/errata/RHSA-2013-1448.html https://access.redhat.com/security/cve/CVE-2013-4210 https://bugzilla.redhat.com/show_bug.cgi?id=994321 •