All the vulnerabilities related to redhat - richfaces
Vulnerability from fkie_nvd
Published
2018-06-18 12:29
Modified
2024-11-21 03:45
Severity: 9.8 CRITICAL (CVSS v3.0); 7.5 HIGH (CVSS v2)
Summary
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:richfaces:*:*:*:*:*:*:*:*", "matchCriteriaId": "807E3104-B229-4E35-BA74-821AEA1D52C8", "versionEndIncluding": "3.3.4", "versionStartIncluding": "3.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310." }, { "lang": "es", "value": "JBoss RichFaces, de la versi\u00f3n 3.1.0 hasta la 3.3.4, permite que atacantes remotos no autenticados inyecten expresiones de lenguaje de expresi\u00f3n (EL) y ejecuten c\u00f3digo Java arbitrario mediante una subcadena /DATA/ en una ruta con un objeto org.richfaces.renderkit.html.Paint2DResource$ImageData. Esto tambi\u00e9n se conoce como RF-14310." 
} ], "id": "CVE-2018-12533", "lastModified": "2024-11-21T03:45:22.980", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-18T12:29:00.280", "references": [ { "source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104502" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041617" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2663" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2664" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2930" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": 
"https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104502" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2663" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-917" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-03-31 14:58
Modified
2024-11-21 02:01
Severity: 4.3 MEDIUM (CVSS v2)
Summary
The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3969103B-4669-4C3D-93E0-F5A392B6A800", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "F5BDCE2F-E599-42B3-800F-2D25813E0122", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "831F47E4-F8E2-44FF-833A-DD9BD122153E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:5.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "8DA147D3-F295-4DBD-87AD-40C7F9B00C8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:5.0.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "F1C7A907-F7B5-4944-80E5-422B8A815039", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:5.0.0:alpha3:*:*:*:*:*:*", "matchCriteriaId": "8252F7DF-E0DA-414A-8D07-FE56489D8F85", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests." }, { "lang": "es", "value": "La funci\u00f3n doFilter en webapp/PushHandlerFilter.java en JBoss RichFaces 4.3.4, 4.3.5 y 5.x permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y error de falta de memoria) a trav\u00e9s de un n\u00famero grande de solicitudes atmosphere push malformadas." 
} ], "id": "CVE-2014-0086", "lastModified": "2024-11-21T02:01:19.917", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-03-31T14:58:19.587", "references": [ { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0335.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/57053" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://issues.jboss.org/browse/RF-13250" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-0335.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/57053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://issues.jboss.org/browse/RF-13250" } ], "sourceIdentifier": "secalert@redhat.com", 
"vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-03-26 14:59
Modified
2024-11-21 02:22
Severity: 6.8 MEDIUM (CVSS v2)
Summary
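JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter. Note that the CPE match data in the record below lists 4.0.0 through 4.5.4 inclusive as vulnerable, which disagrees with "before 4.5.4"; confirm the fixed version against the vendor advisory before treating 4.5.4 as patched.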
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:richfaces:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF2058B7-E4C6-4759-89F4-BBF0180CDA69", "versionEndIncluding": "4.5.4", "versionStartIncluding": "4.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter." }, { "lang": "es", "value": "JBoss RichFaces anterior a 4.5.4 permite a atacantes remotos inyectar expresiones del lenguaje de expresiones (EL) y ejecutar c\u00f3digo Java arbitrario a trav\u00e9s del par\u00e1metro do." } ], "id": "CVE-2015-0279", "lastModified": "2024-11-21T02:22:42.980", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-03-26T14:59:00.070", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvn.jp/en/jp/JVN56297719/index.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-001959.html" }, { "source": "secalert@redhat.com", "url": "http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html" }, { "source": "secalert@redhat.com", "url": 
"http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0719.html" }, { "source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2019/Jul/21" }, { "source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192140" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvn.jp/en/jp/JVN56297719/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-001959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0719.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2019/Jul/21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192140" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2024-11-21 01:51
Severity: 7.5 HIGH (CVSS v2)
Summary
ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E82B2AD8-967D-4ABE-982B-87B9DE73F8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp10:*:*:*:*:*:*", "matchCriteriaId": "424C0428-6E78-42B2-B77A-921116528D06", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5D7F1AD-4BD3-4C37-B6B5-B287464B2EEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "76D8FCD1-55D5-4187-87DD-39904EDE2EF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "972C5C87-E982-44A5-866D-FDEACB5203B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C13890AE-5FDE-4698-8A2E-1B2FA0A313AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A785F07-9B76-4153-B676-29C9682B2F73", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "46849C8D-36E9-4E97-BB49-E04F4EB199E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CDC2527-97FE-409D-8DD6-78E085CC73C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "41B77A70-95E1-4333-90E4-8056389EEE92", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1BB18D40-E8EA-4EB7-A25D-15CE6B65E21F", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E911B601-2A14-4C23-81FF-689DBDB79626", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4DECC247-477B-4AB3-9FD4-B7B6726A728D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C70B67DF-8122-40D6-9301-B1DD31D71F55", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A6B1CE36-5131-425D-90BD-FC597F27B3E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp03:*:*:*:*:*:*", "matchCriteriaId": "8F570DE3-8759-44F9-B515-71889139A443", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp04:*:*:*:*:*:*", "matchCriteriaId": "B5FED015-A1E5-4CDC-9E99-97FA0ED2454D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp05:*:*:*:*:*:*", "matchCriteriaId": "D20B3197-3BB8-427B-8B92-D53B200A235A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp06:*:*:*:*:*:*", "matchCriteriaId": "A87344DF-9FA8-40B6-98B2-A43FB86BBB6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp07:*:*:*:*:*:*", "matchCriteriaId": "C9C9C8B4-693E-4777-BC31-5933147DFC54", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3221242F-802E-418B-BC9D-CFA200D99171", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5472541F-ED83-4656-AE18-1642F571D294", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "97165B18-1078-4215-94DA-0B6C4228056E", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A62117F2-5513-4998-8FDC-64564BBD00EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D66D2843-0273-4A3A-A9D1-48BBB15031B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "6572BFDD-0A35-48CC-99A1-2BDE27BABB62", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3451D2AD-BB7B-4149-97C3-2DB1BCC0EF85", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CDEABE3E-DC3E-4B98-8433-4308BBEE6F26", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp01:*:*:*:*:*:*", "matchCriteriaId": "70942A41-9089-4313-8B00-5CB92518A349", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp02:*:*:*:*:*:*", "matchCriteriaId": "093F7EA4-B190-49A5-AF55-42D4F960EEFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp03:*:*:*:*:*:*", "matchCriteriaId": "75CBF063-6986-4217-BC8E-661B5167AB2A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp04:*:*:*:*:*:*", "matchCriteriaId": "3F6528B6-1147-4366-8F81-8B380903EAA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:cp05:*:*:*:*:*:*", "matchCriteriaId": "4EF1898E-1A25-442B-865F-1C27B9E5F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.2.0:tp02:*:*:*:*:*:*", "matchCriteriaId": "92953D9C-8FF0-4499-A4A4-3B05696D326E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"C57B8004-AF15-4F0F-B9FA-A3CFF7BD42DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp01:*:*:*:*:*:*", "matchCriteriaId": "66F4FC45-CF67-44E4-96CA-31B537151C7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp02:*:*:*:*:*:*", "matchCriteriaId": "E7CF5F63-C7A8-4787-9620-F5B76A9F0F3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp03:*:*:*:*:*:*", "matchCriteriaId": "9BCA6581-3C94-4B1B-B30F-E0B854A68968", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp04:*:*:*:*:*:*", "matchCriteriaId": "23F0650B-C39D-4C7D-8BB9-BBA951BA8AAE", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp05:*:*:*:*:*:*", "matchCriteriaId": "67BD448A-745D-4387-ABC8-A18DF142574D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFB8FED0-E0C6-409C-A2D8-B3999265D545", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DFC497FD-503A-463B-A75E-9C4B9B716521", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8F224EE-A5A1-490B-91A5-0196B4168F32", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B72D56E-DE3C-4383-906D-F3DCD9D09CC9", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "55661526-BC23-4853-BF6C-E1899D747EC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "118B3D27-8BF7-48ED-9D22-564B7D515610", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"2CD4700B-4C95-426E-ADF6-D165BB3E6F85", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "93B87581-F441-4A93-B797-337B7572CC08", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC20F443-4918-46D2-8251-1C8F072B7733", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F20B8708-8EC6-4B0E-9693-131F91A4FC15", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4C534793-58E0-45B9-84D7-D21E1C4C9F7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "38F66D5B-F906-437E-977E-F9F930648886", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC1625FD-302E-457E-BDD1-977DE614CB47", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29DC3CE-E782-47F7-BDF4-4AB63728F05B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF4A10F6-2128-4986-8A28-BD9B679D8380", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B720DED-23EE-4830-9C8B-441A38DAE80E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FD44168-A91A-4043-8C34-7A20DC2C1A19", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "66926B59-4A4F-47B9-9B2B-3D8DC698BC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D72DFB62-EEA6-4126-9DC3-B191CC8D0CA5", "vulnerable": true 
}, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8DBE132-2A98-40C6-947F-50C1D06DDFB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "18EB42B1-D507-4B48-B835-C87AC5CC3650", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "376C608B-645D-4560-8A7E-4154DCFD2B1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C077D692-150C-4AE9-8C0B-7A3EA5EB1100", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DE5BA7D-BEFA-474C-BBD3-4C22F1283182", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EFFA4B2-1562-48E0-A598-3C1F8973FDF1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "495496C9-8CFE-431D-84EB-1C94B7C74E82", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F57B34F5-66CD-4051-8406-54709C39572F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E43C0ED7-47AA-474B-B1E8-D5358EA40A41", "versionEndIncluding": "2.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "69A1DC5C-28D4-4C03-9B4D-EB474714B530", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0043DABE-2CF1-46FA-BC11-058EF8800D37", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6EA16184-345B-47C0-B5C2-2FC47E7BCD87", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:redhat:jboss_web_framework_kit:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "910ABBBA-7FAC-4512-801C-3FDB5D7584D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_web_framework_kit:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "30B541A7-C0DC-4650-9C58-22E4FB14C213", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7714AE54-6EA9-4FF0-995A-EAE7C9EC90A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF339098-BFB5-4795-84D0-1D4E3CA291C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E1D36E4-44D9-4BCB-A5BB-6F9411A1EF02", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "E459D64B-4427-45D4-9AD8-27322D472AA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "BECB4A09-BF7E-4314-9DFA-FB093FD1035F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "FA0C4149-1B58-44B4-8A4C-694EC46357B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "597510CA-20F6-4BFB-B674-BA2E54510D70", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E67C14B-9CAB-401F-9B8E-367DABC8B403", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.2.0:sr1:*:*:*:*:*:*", "matchCriteriaId": "CC999E61-A1E7-434F-89C5-D65150FFD3C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDDF3150-DB24-45B5-8AE4-E1389BFC7D9E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "0C460B1D-6C7D-40B8-8F23-192CCEB68948", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"6A03D84C-BB68-4564-97F7-8CD326D86B4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E2B5531-406B-47EA-A61F-2D3DD07E5BE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8D2FE027-BF63-4EC9-B743-C7A805A65FCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.3.2:sr1:*:*:*:*:*:*", "matchCriteriaId": "66F0B040-84E3-44B4-ACE4-0BC9366C064E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "FD902B25-B15E-463E-8DF0-7DD0889A2B00", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E27F9EFE-D7CA-46A0-99B2-F4FDE622A9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4A438EF-E450-49DE-B745-3F8034C715DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7201416F-1CAC-431E-93A8-74FBB708CC53", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "6E9C9F20-702E-4943-9AE9-D419BFFFBC45", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8E7B1BC4-71B6-4F46-927F-E537A1688CD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "730FB8DB-5116-4BF2-9348-F280ACF3D197", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "B82F2B98-5B8B-4BA0-912C-0C6C6B5393DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "986311E6-C44C-4DFF-A74B-1501DFB9B5A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:richfaces:4.5.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "4D6E0C8B-8901-47F9-A96E-645BE5037666", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:redhat:richfaces:5.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "8DA147D3-F295-4DBD-87AD-40C7F9B00C8F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data." }, { "lang": "es", "value": "ResourceBuilderImpl.java en la implementaci\u00f3n de RichFaces 3.x a 5.x en la implementaci\u00f3n de Red Hat JBoss Web Framework Kit anterior a 2.3.0, Red Hat JBoss Web Platform a 5.2.0, Red Hat JBoss Enterprise Application Platform a 4.3.0 CP10 y 5.x a la 5.2.0, Red Hat JBoss BRMS hasta la 5.3.1, Red Hat JBoss SOA Platform hasta la 4.3.0 CP05 y 5.x hasta la 5.3.1, Red Hat JBoss Portal hasta la 4.3 CP07 y 5.x hasta 5.2.2, y Red Hat JBoss Operations Network hasta 2.4.2 y 3.x hasta la 3.1.2, no restringe las clases para la deserializaci\u00f3n de los m\u00e9todos que pueden ser invocados, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos serializados." 
} ], "evaluatorComment": "Per: http://www.bleathem.ca/blog/2013/07/richfaces-CVE-2013-2165.html\n\n\"Download RichFaces 3.3.4.Final or RichFaces 4.3.3.Final and use them in your applications to protect yourself from this vulnerability.\"", "id": "CVE-2013-2165", "lastModified": "2024-11-21T01:51:10.207", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-07-23T11:03:11.980", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvn.jp/en/jp/JVN38787103/index.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072" }, { "source": "secalert@redhat.com", "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1041.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1042.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1043.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1044.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1045.html" }, { 
"source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/security/cve/CVE-2013-2165" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=973570" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvn.jp/en/jp/JVN38787103/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1041.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1043.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/security/cve/CVE-2013-2165" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=973570" } ], 
"sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2018-14667)
Published
2018-11-06 22:29
Modified
2024-11-21 03:49
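Severity: 9.8 CRITICAL (CVSS 3.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H); 7.5 HIGH (CVSS 2.0, AV:N/AC:L/Au:N/C:P/I:P/A:P)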
Summary
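The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.
Note: the NVD record below carries CISA Known Exploited Vulnerabilities fields for this CVE (added 2023-09-28, action due 2023-10-19; required action: apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable).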
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | richfaces | * | |
redhat | enterprise_linux | 5.0 | |
redhat | enterprise_linux | 6.0 |
{ "cisaActionDue": "2023-10-19", "cisaExploitAdd": "2023-09-28", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:richfaces:*:*:*:*:*:*:*:*", "matchCriteriaId": "807E3104-B229-4E35-BA74-821AEA1D52C8", "versionEndIncluding": "3.3.4", "versionStartIncluding": "3.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData." }, { "lang": "es", "value": "RichFaces Framework en versiones 3.X hasta la 3.3.4 es vulnerable a una inyecci\u00f3n Expression Language (EL) mediante el recurso UserResource. Un atacante no autenticado remoto podr\u00eda explotar esto para ejecutar c\u00f3digo arbitrario mediante una cadena de objetos Java serializados mediante org.ajax4jsf.resource.UserResource$UriData." 
} ], "id": "CVE-2018-14667", "lastModified": "2024-11-21T03:49:33.110", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-06T22:29:00.193", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1042037" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3517" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3518" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3519" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3581" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1042037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3518" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2018-12532)
Published
2018-06-18 12:29
Modified
2024-11-21 03:45
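Severity: 9.8 CRITICAL (CVSS 3.0, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H); 7.5 HIGH (CVSS 2.0, AV:N/AC:L/Au:N/C:P/I:P/A:P)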
Summary
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://seclists.org/fulldisclosure/2020/Mar/21 | ||
cve@mitre.org | http://www.securityfocus.com/bid/104503 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Mar/21 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104503 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:richfaces:*:*:*:*:*:*:*:*", "matchCriteriaId": "595A396F-175E-41B0-8A9A-01651639B238", "versionEndIncluding": "4.5.17", "versionStartIncluding": "4.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource\u0027s resource request, aka RF-14309." }, { "lang": "es", "value": "JBoss RichFaces, de la versi\u00f3n 4.5.3 hasta la 4.5.17, permite que atacantes remotos no autenticados inyecten un mapper de variable de lenguaje de expresi\u00f3n (EL) arbitrario y ejecute c\u00f3digo Java arbitrario mediante una petici\u00f3n de recursos a MediaOutputResource. Esto tambi\u00e9n se conoce como RF-14309." } ], "id": "CVE-2018-12532", "lastModified": "2024-11-21T03:45:22.827", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, 
"exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-06-18T12:29:00.233", "references": [ { "source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104503" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/104503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-917" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2014-0086
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.
References
URL | Tags | |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2014-0335.html | vendor-advisory, x_refsource_REDHAT | |
https://issues.jboss.org/browse/RF-13250 | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=1067268 | x_refsource_CONFIRM | |
https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757 | x_refsource_CONFIRM | |
http://secunia.com/advisories/57053 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:38.968Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2014:0335", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0335.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.jboss.org/browse/RF-13250" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757" }, { "name": "57053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57053" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2014:0335", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0335.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.jboss.org/browse/RF-13250" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757" }, { "name": "57053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57053" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0086", "datePublished": "2014-03-28T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:38.968Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-12532
Vulnerability from cvelistv5
Published
2018-06-18 12:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.
References
URL | Tags | |
---|---|---|
http://www.securityfocus.com/bid/104503 | vdb-entry, x_refsource_BID | |
https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2020/Mar/21 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T08:38:05.956Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "104503", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104503" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-06-18T00:00:00", "descriptions": [ { "lang": "en", "value": "JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource\u0027s resource request, aka RF-14309." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-14T00:06:03", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "104503", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104503" }, { "tags": [ "x_refsource_MISC" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12532", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource\u0027s resource request, aka RF-14309." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "104503", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104503" }, { "name": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html", "refsource": "MISC", "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "name": "20200313 RichFaces exploitation toolkit", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-12532", "datePublished": "2018-06-18T12:00:00", "dateReserved": "2018-06-18T00:00:00", "dateUpdated": "2024-08-05T08:38:05.956Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-12533
Vulnerability from cvelistv5
Published
2018-06-18 12:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:2664 | vendor-advisory, x_refsource_REDHAT | |
http://www.securitytracker.com/id/1041617 | vdb-entry, x_refsource_SECTRACK | |
https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html | x_refsource_MISC | |
https://access.redhat.com/errata/RHSA-2018:2663 | vendor-advisory, x_refsource_REDHAT | |
http://www.securityfocus.com/bid/104502 | vdb-entry, x_refsource_BID | |
https://access.redhat.com/errata/RHSA-2018:2930 | vendor-advisory, x_refsource_REDHAT | |
http://seclists.org/fulldisclosure/2020/Mar/21 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T08:38:06.257Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:2664", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2664" }, { "name": "1041617", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041617" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "name": "RHSA-2018:2663", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2663" }, { "name": "104502", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104502" }, { "name": "RHSA-2018:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2930" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-06-18T00:00:00", "descriptions": [ { "lang": "en", "value": "JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-14T00:06:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2018:2664", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2664" }, { "name": "1041617", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041617" }, { "tags": [ "x_refsource_MISC" ], "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "name": "RHSA-2018:2663", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2663" }, { "name": "104502", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104502" }, { "name": "RHSA-2018:2930", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2930" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12533", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:2664", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2664" }, { "name": "1041617", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041617" }, { "name": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html", "refsource": "MISC", "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html" }, { "name": "RHSA-2018:2663", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2663" }, { "name": "104502", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104502" }, { "name": "RHSA-2018:2930", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2930" }, { "name": "20200313 RichFaces exploitation toolkit", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-12533", "datePublished": "2018-06-18T12:00:00", "dateReserved": "2018-06-18T00:00:00", "dateUpdated": "2024-08-05T08:38:06.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-2165
Vulnerability from cvelistv5
Published
2013-07-22 19:00
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data.
Note: the NVD evaluator comment for this CVE names RichFaces 3.3.4.Final and 4.3.3.Final as the releases to move to. On this page, 3.3.4 is still inside the affected range of CVE-2018-12533 and CVE-2018-14667 (both listed as affecting releases up to 3.3.4), so that upgrade addresses only this CVE.
References
▼ | URL | Tags |
---|---|---|
http://jvn.jp/en/jp/JVN38787103/index.html | third-party-advisory, x_refsource_JVN | |
https://access.redhat.com/security/cve/CVE-2013-2165 | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=973570 | x_refsource_CONFIRM | |
http://rhn.redhat.com/errata/RHSA-2013-1045.html | vendor-advisory, x_refsource_REDHAT | |
http://rhn.redhat.com/errata/RHSA-2013-1041.html | vendor-advisory, x_refsource_REDHAT | |
http://rhn.redhat.com/errata/RHSA-2013-1043.html | vendor-advisory, x_refsource_REDHAT | |
http://rhn.redhat.com/errata/RHSA-2013-1044.html | vendor-advisory, x_refsource_REDHAT | |
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072 | third-party-advisory, x_refsource_JVNDB | |
http://rhn.redhat.com/errata/RHSA-2013-1042.html | vendor-advisory, x_refsource_REDHAT | |
http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2020/Mar/21 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:27:41.075Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "JVN#38787103", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN38787103/index.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2013-2165" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=973570" }, { "name": "RHSA-2013:1045", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1045.html" }, { "name": "RHSA-2013:1041", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1041.html" }, { "name": "RHSA-2013:1043", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1043.html" }, { "name": "RHSA-2013:1044", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1044.html" }, { "name": "JVNDB-2013-000072", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072" }, { "name": "RHSA-2013:1042", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1042.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", 
"version": "n/a" } ] } ], "datePublic": "2013-07-19T00:00:00", "descriptions": [ { "lang": "en", "value": "ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-14T00:06:03", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "JVN#38787103", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN38787103/index.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/security/cve/CVE-2013-2165" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=973570" }, { "name": "RHSA-2013:1045", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1045.html" }, { "name": "RHSA-2013:1041", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1041.html" }, { "name": "RHSA-2013:1043", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1043.html" }, { "name": "RHSA-2013:1044", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1044.html" }, { "name": "JVNDB-2013-000072", "tags": [ "third-party-advisory", 
"x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000072" }, { "name": "RHSA-2013:1042", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1042.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-2165", "datePublished": "2013-07-22T19:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:27:41.075Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-14667
Vulnerability from cvelistv5
Published
2018-11-06 22:00
Modified
2024-08-05 09:38
Severity ?
EPSS score ?
Summary
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.
References
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:3519 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:3581 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:3518 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:3517 | vendor-advisory, x_refsource_REDHAT |
| http://www.securitytracker.com/id/1042037 | vdb-entry, x_refsource_SECTRACK |
| http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2020/Mar/21 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T09:38:12.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667" }, { "name": "RHSA-2018:3519", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3519" }, { "name": "RHSA-2018:3581", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3581" }, { "name": "RHSA-2018:3518", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3518" }, { "name": "RHSA-2018:3517", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3517" }, { "name": "1042037", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1042037" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "RichFaces", "vendor": "[UNKNOWN]", "versions": [ { "status": "affected", "version": "affected 3.X through 3.3.4" } ] } ], "datePublic": "2018-11-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData." 
} ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-14T00:06:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667" }, { "name": "RHSA-2018:3519", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3519" }, { "name": "RHSA-2018:3581", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3581" }, { "name": "RHSA-2018:3518", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3518" }, { "name": "RHSA-2018:3517", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3517" }, { "name": "1042037", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1042037" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-14667", "datePublished": "2018-11-06T22:00:00", "dateReserved": "2018-07-27T00:00:00", "dateUpdated": 
"2024-08-05T09:38:12.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-0279
Vulnerability from cvelistv5
Published
2015-03-26 14:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the `do` parameter.
References
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1192140 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2015-0719.html | vendor-advisory, x_refsource_REDHAT |
| http://jvn.jp/en/jp/JVN56297719/index.html | third-party-advisory, x_refsource_JVN |
| http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-001959.html | third-party-advisory, x_refsource_JVNDB |
| http://seclists.org/fulldisclosure/2019/Jul/21 | mailing-list, x_refsource_FULLDISC |
| http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html | x_refsource_MISC |
| http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2020/Mar/21 | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:03:10.884Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192140" }, { "name": "RHSA-2015:0719", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0719.html" }, { "name": "JVN#56297719", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN56297719/index.html" }, { "name": "JVNDB-2015-001959", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-001959.html" }, { "name": "20190723 Tufin SecureChange uses Richfaces 4.3.5, vulnerable to CVE-2015-0279 (unauthenticated RCE)", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2019/Jul/21" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-03-24T00:00:00", "descriptions": [ { "lang": "en", "value": "JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-14T00:06:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192140" }, { "name": "RHSA-2015:0719", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0719.html" }, { "name": "JVN#56297719", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN56297719/index.html" }, { "name": "JVNDB-2015-001959", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-001959.html" }, { "name": "20190723 Tufin SecureChange uses Richfaces 4.3.5, vulnerable to CVE-2015-0279 (unauthenticated RCE)", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2019/Jul/21" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-0279", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) 
expressions and execute arbitrary Java code via the do parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1192140", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192140" }, { "name": "RHSA-2015:0719", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0719.html" }, { "name": "JVN#56297719", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN56297719/index.html" }, { "name": "JVNDB-2015-001959", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-001959.html" }, { "name": "20190723 Tufin SecureChange uses Richfaces 4.3.5, vulnerable to CVE-2015-0279 (unauthenticated RCE)", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2019/Jul/21" }, { "name": "http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153734/Tufin-Secure-Change-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html" }, { "name": "20200313 RichFaces exploitation toolkit", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Mar/21" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-0279", "datePublished": "2015-03-26T14:00:00", "dateReserved": "2014-11-18T00:00:00", "dateUpdated": "2024-08-06T04:03:10.884Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }