rhsa-2008_0213
Vulnerability from csaf_redhat
Published
2008-04-02 20:42
Modified
2024-11-05 16:54
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP02 security update
Notes
Topic
New JBoss Enterprise Application Platform (JBEAP) packages, comprising the
4.2.0.CP02 release, are now available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
JBEAP is a middleware platform for Java 2 Platform, Enterprise Edition
(J2EE) applications.
This release of JBEAP for Red Hat Enterprise Linux 5 contains the JBoss
Application Server and JBoss Seam and serves as a replacement for JBEAP
4.2.0.GA_CP01. As well as fixing numerous bugs and adding enhancements,
these updated packages addresses several security issues.
The JFreeChart component was vulnerable to multiple cross-site scripting
(XSS) vulnerabilities. An attacker could misuse the image map feature to
inject arbitrary web script or HTML via several attributes of the chart
area. (CVE-2007-6306)
A vulnerability caused by exposing static java methods was located within
the HSQLDB component. This could be utilized by an attacker to execute
arbitrary static java methods. (CVE-2007-4575)
The setOrder method in the org.jboss.seam.framework.Query class did not
properly validate user-supplied parameters. This vulnerability allowed
remote attackers to inject and execute arbitrary EJBQL commands via the
order parameter. (CVE-2007-6433)
For details regarding the bug fixes and enhancements included with this
update, please see the JBoss Enterprise Application Platform 4.2.0.CP02
Release Notes, linked to in the References section below.
All Red Hat Enterprise Linux 5 users wanting to use the JBoss Enterprise
Application Platform are advised to install these new packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New JBoss Enterprise Application Platform (JBEAP) packages, comprising the\n4.2.0.CP02 release, are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "JBEAP is a middleware platform for Java 2 Platform, Enterprise Edition\n(J2EE) applications.\n\nThis release of JBEAP for Red Hat Enterprise Linux 5 contains the JBoss\nApplication Server and JBoss Seam and serves as a replacement for JBEAP\n4.2.0.GA_CP01. As well as fixing numerous bugs and adding enhancements,\nthese updated packages addresses several security issues.\n\nThe JFreeChart component was vulnerable to multiple cross-site scripting\n(XSS) vulnerabilities. An attacker could misuse the image map feature to\ninject arbitrary web script or HTML via several attributes of the chart\narea. (CVE-2007-6306)\n\nA vulnerability caused by exposing static java methods was located within\nthe HSQLDB component. This could be utilized by an attacker to execute\narbitrary static java methods. (CVE-2007-4575)\n\nThe setOrder method in the org.jboss.seam.framework.Query class did not\nproperly validate user-supplied parameters. This vulnerability allowed\nremote attackers to inject and execute arbitrary EJBQL commands via the\norder parameter. (CVE-2007-6433)\n\nFor details regarding the bug fixes and enhancements included with this\nupdate, please see the JBoss Enterprise Application Platform 4.2.0.CP02\nRelease Notes, linked to in the References section below.\n\nAll Red Hat Enterprise Linux 5 users wanting to use the JBoss Enterprise\nApplication Platform are advised to install these new packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2008:0213", "url": "https://access.redhat.com/errata/RHSA-2008:0213" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html", "url": "http://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html" }, { "category": "external", "summary": "299801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=299801" }, { "category": "external", "summary": "421081", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=421081" }, { "category": "external", "summary": "426206", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=426206" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0213.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP02 security update", "tracking": { "current_release_date": "2024-11-05T16:54:04+00:00", "generator": { "date": "2024-11-05T16:54:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2008:0213", "initial_release_date": "2008-04-02T20:42:00+00:00", "revision_history": [ { "date": "2008-04-02T20:42:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2008-04-02T16:42:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T16:54:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el5" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "product": { "name": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "product_id": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/concurrent@1.3.4-8jpp.ep1.6.el5.1?arch=src" } } }, { "category": "product_version", "name": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "product": { "name": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "product_id": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaf@1.1.0-0jpp.ep1.9.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "product": { "name": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "product_id": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.8.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "product": { "name": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "product_id": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_04-1.p02.0jpp.ep1.18.el5?arch=src" } } }, { "category": "product_version", "name": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "product": { "name": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "product_id": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jstl@1.2.0-0jpp.ep1.2.el5?arch=src" } } }, { "category": "product_version", "name": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "product": { "name": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "product_id": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1?arch=src" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "product": { "name": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "product_id": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.2.1-1.patch02.1jpp.ep1.2.el5.1?arch=src" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "product": { "name": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "product_id": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.2.1-1jpp.ep1.6.el5?arch=src" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "product_id": "jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.5.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "product": { "name": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "product_id": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-1.CP01.0jpp.ep1.1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "product": { "name": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "product_id": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-cache@1.4.1-4.SP8_CP01.1jpp.ep1.1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.2.el5.1?arch=src" } } }, { "category": "product_version", "name": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "product": { "name": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "product_id": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-jbpm-bpel@1.1.0-0jpp.ep1.3.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "product": { "name": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "product_id": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-jbpm-jpdl@3.2.0-0jpp.ep1.6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "product": { "name": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "product_id": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP4.0jpp.ep1.1.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-1.ep1.3.el5.src", "product": { "name": "jboss-seam-0:1.2.1-1.ep1.3.el5.src", "product_id": "jboss-seam-0:1.2.1-1.ep1.3.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.3.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "product": { "name": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "product_id": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP02.ep1.3.el5.3?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "product": { "name": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "product_id": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-3.CP05.0jpp.ep1.1.el5?arch=src" } } }, { "category": "product_version", "name": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "product": { "name": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "product_id": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-jboss42@1.2.1-0jpp.ep1.2.el5.1?arch=src" } } }, { "category": "product_version", "name": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "product": { "name": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "product_id": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-wsconsume-impl@2.0.0-0jpp.ep1.3.el5?arch=src" } } }, { "category": "product_version", "name": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "product": { "name": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "product_id": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossxb@1.0.0-2.SP1.0jpp.ep1.2.el5.1?arch=src" } } }, { "category": "product_version", "name": "jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "product": { "name": "jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "product_id": "jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.12-1jpp.ep1.2.el5?arch=src" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "product": { "name": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "product_id": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.9-1jpp.ep1.2.el5.1?arch=src" } } }, { "category": "product_version", "name": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "product": { "name": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "product_id": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.1-1.SP4.0jpp.ep1.2.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "product": { "name": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "product_id": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/juddi@0.9-0.rc4.2jpp.ep1.3.el5.1?arch=src" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "product": { "name": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "product_id": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-3.GA_CP02.ep1.1.el5.1?arch=src" } } }, { "category": "product_version", "name": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src", "product": { "name": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src", "product_id": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ws-commons-policy@1.0-2jpp.ep1.4.el5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "product": { "name": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "product_id": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/concurrent@1.3.4-8jpp.ep1.6.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "product": { "name": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "product_id": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jaf@1.1.0-0jpp.ep1.9.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "product": { "name": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "product_id": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.8.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "product": { "name": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "product_id": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jsf@1.2_04-1.p02.0jpp.ep1.18.el5?arch=noarch" } } }, { "category": "product_version", "name": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "product": { "name": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "product_id": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/glassfish-jstl@1.2.0-0jpp.ep1.2.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "product": { "name": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "product_id": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "product": { "name": "hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "product_id": "hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "product": { "name": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "product_id": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations@3.2.1-1.patch02.1jpp.ep1.2.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "product": { "name": "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "product_id": "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.2.1-1.patch02.1jpp.ep1.2.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "product": { "name": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "product_id": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager@3.2.1-1jpp.ep1.6.el5?arch=noarch" } } }, { "category": "product_version", "name": "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "product": { "name": "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "product_id": "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.2.1-1jpp.ep1.6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "product": { "name": "jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "product_id": "jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.5.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "product": { "name": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "product_id": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-aop@1.5.5-1.CP01.0jpp.ep1.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "product": { "name": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "product_id": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-cache@1.4.1-4.SP8_CP01.1jpp.ep1.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "product": { "name": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "product_id": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.2.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "product": { "name": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "product_id": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-jbpm-bpel@1.1.0-0jpp.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "product": { "name": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "product_id": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-jbpm-jpdl@3.2.0-0jpp.ep1.6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "product": { "name": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "product_id": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP4.0jpp.ep1.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "product": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "product_id": "jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam-docs@1.2.1-1.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "product": { "name": "jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "product_id": "jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "product": { "name": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "product_id": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas@4.2.0-4.GA_CP02.ep1.3.el5.3?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "product": { "name": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "product_id": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@2.0.0-3.CP05.0jpp.ep1.1.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "product": { "name": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "product_id": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-jboss42@1.2.1-0jpp.ep1.2.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "product": { "name": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "product_id": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossws-wsconsume-impl@2.0.0-0jpp.ep1.3.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "product": { "name": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "product_id": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossxb@1.0.0-2.SP1.0jpp.ep1.2.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "product": { "name": "jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "product_id": "jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jcommon@1.0.12-1jpp.ep1.2.el5?arch=noarch" } } }, { "category": "product_version", "name": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "product": { "name": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "product_id": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jfreechart@1.0.9-1jpp.ep1.2.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "product": { "name": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "product_id": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@2.4.1-1.SP4.0jpp.ep1.2.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "product": { "name": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "product_id": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/juddi@0.9-0.rc4.2jpp.ep1.3.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "product": { "name": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "product_id": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs@4.2.0-3.GA_CP02.ep1.1.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "product": { "name": "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "product_id": "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-eap-docs-examples@4.2.0-3.GA_CP02.ep1.1.el5.1?arch=noarch" } } }, { "category": "product_version", "name": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "product": { "name": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "product_id": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ws-commons-policy@1.0-2jpp.ep1.4.el5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch" }, "product_reference": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src" }, "product_reference": "concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch" }, "product_reference": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src" }, "product_reference": "glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch" }, "product_reference": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src" }, "product_reference": "glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch" }, "product_reference": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src" }, "product_reference": "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch" }, "product_reference": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src" }, "product_reference": "glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch" }, "product_reference": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src" }, "product_reference": "hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch" }, "product_reference": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src" }, "product_reference": "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch" }, "product_reference": "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch" }, "product_reference": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src" }, "product_reference": "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch" }, "product_reference": "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch" }, "product_reference": "hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jacorb-0:2.3.0-1jpp.ep1.5.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src" }, "product_reference": "jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch" }, "product_reference": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src" }, "product_reference": "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch" }, "product_reference": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src" }, "product_reference": "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src" }, "product_reference": "jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch" }, "product_reference": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src" }, "product_reference": "jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch" }, "product_reference": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src" }, "product_reference": "jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch" }, "product_reference": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src" }, "product_reference": "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-0:1.2.1-1.ep1.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src" }, "product_reference": "jboss-seam-0:1.2.1-1.ep1.3.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch" }, "product_reference": "jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch" }, "product_reference": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src" }, "product_reference": "jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch" }, "product_reference": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src" }, "product_reference": "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch" }, "product_reference": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src" }, "product_reference": "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch" }, "product_reference": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src" }, "product_reference": "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch" }, "product_reference": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src" }, "product_reference": "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch" }, "product_reference": "jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jcommon-0:1.0.12-1jpp.ep1.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src" }, "product_reference": "jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch" }, "product_reference": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src" }, "product_reference": "jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch" }, "product_reference": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src" }, "product_reference": "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch" }, "product_reference": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src" }, "product_reference": "juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" }, "product_reference": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src" }, "product_reference": "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" }, "product_reference": "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch" }, "product_reference": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-4.2.0" }, { "category": "default_component_of", "full_product_name": { "name": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 5 Server", "product_id": "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" }, "product_reference": "ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src", "relates_to_product_reference": "5Server-JBEAP-4.2.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2007-4575", "discovery_date": "2007-09-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "299801" } ], "notes": [ { "category": "description", "text": "HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to \"exposing static java methods.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenOffice.org-base allows Denial-of-Service and command injection", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "known_not_affected": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-4575" }, { "category": "external", "summary": "RHBZ#299801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=299801" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-4575", "url": "https://www.cve.org/CVERecord?id=CVE-2007-4575" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-4575", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4575" } ], "release_date": "2007-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-04-02T20:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenOffice.org-base allows Denial-of-Service and command injection" }, { "cve": "CVE-2007-5461", "discovery_date": "2007-10-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "333791" } ], "notes": [ { "category": "description", "text": "Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "Absolute path traversal Apache Tomcat WEBDAV", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "known_not_affected": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-5461" }, { "category": "external", "summary": "RHBZ#333791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=333791" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-5461", "url": "https://www.cve.org/CVERecord?id=CVE-2007-5461" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-5461", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5461" } ], "release_date": "2007-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-04-02T20:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Absolute path traversal Apache Tomcat WEBDAV" }, { "cve": "CVE-2007-6306", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2007-12-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "421081" } ], "notes": [ { "category": "description", "text": "Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coords attribute of a chart area.", "title": "Vulnerability description" }, { "category": "summary", "text": "JFreeChart: XSS vulnerabilities in the image map feature", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "known_not_affected": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-6306" }, { "category": "external", "summary": "RHBZ#421081", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=421081" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-6306", "url": "https://www.cve.org/CVERecord?id=CVE-2007-6306" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-6306", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6306" } ], "release_date": "2007-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-04-02T20:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JFreeChart: XSS vulnerabilities in the image map feature" }, { "cve": "CVE-2007-6433", "discovery_date": "2007-12-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "426206" } ], "notes": [ { "category": "description", "text": "The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.", "title": "Vulnerability description" }, { "category": "summary", "text": "EJBQL injection via \u0027order\u0027 parameter", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "known_not_affected": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-6433" }, { "category": "external", "summary": "RHBZ#426206", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=426206" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-6433", "url": "https://www.cve.org/CVERecord?id=CVE-2007-6433" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-6433", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6433" } ], "release_date": "2007-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-04-02T20:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EJBQL injection via \u0027order\u0027 parameter" }, { "cve": "CVE-2008-0002", "discovery_date": "2008-02-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "432327" } ], "notes": [ { "category": "description", "text": "Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat information disclosure vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "known_not_affected": [ "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.noarch", "5Server-JBEAP-4.2.0:concurrent-0:1.3.4-8jpp.ep1.6.el5.1.src", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jaf-0:1.1.0-0jpp.ep1.9.el5.src", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-javamail-0:1.4.0-0jpp.ep1.8.el5.src", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.el5.src", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:glassfish-jstl-0:1.2.0-0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jboss-common-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-bpel-0:1.1.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.noarch", "5Server-JBEAP-4.2.0:jboss-jbpm-jpdl-0:3.2.0-0jpp.ep1.6.el5.src", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.noarch", "5Server-JBEAP-4.2.0:juddi-0:0.9-0.rc4.2jpp.ep1.3.el5.1.src", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.noarch", "5Server-JBEAP-4.2.0:ws-commons-policy-0:1.0-2jpp.ep1.4.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-0002" }, { "category": "external", "summary": "RHBZ#432327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432327" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-0002", "url": "https://www.cve.org/CVERecord?id=CVE-2008-0002" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0002", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0002" } ], "release_date": "2008-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2008-04-02T20:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:hibernate3-javadoc-0:3.2.4-1.SP1_CP02.0jpp.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.noarch", "5Server-JBEAP-4.2.0:jacorb-0:2.3.0-1jpp.ep1.5.el5.src", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jboss-seam-0:1.2.1-1.ep1.3.el5.src", "5Server-JBEAP-4.2.0:jboss-seam-docs-0:1.2.1-1.ep1.3.el5.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.noarch", "5Server-JBEAP-4.2.0:jbossas-0:4.2.0-4.GA_CP02.ep1.3.el5.3.src", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.noarch", "5Server-JBEAP-4.2.0:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.el5.src", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.noarch", "5Server-JBEAP-4.2.0:jcommon-0:1.0.12-1jpp.ep1.2.el5.src", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.noarch", "5Server-JBEAP-4.2.0:jfreechart-0:1.0.9-1jpp.ep1.2.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch", "5Server-JBEAP-4.2.0:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el5.1.src", "5Server-JBEAP-4.2.0:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el5.1.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2008:0213" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Tomcat information disclosure vulnerability" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.