Red Hat JBOSS Enterprise SOA Platform 5.3.0

CPE Details

Red Hat JBOSS Enterprise SOA Platform 5.3.0
redhat
jboss_enterprise_soa_platform
5.3.0
2012-11-26
13h47 +00:00
2012-11-28
02h33 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.3.0:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

jboss_enterprise_soa_platform

Version

5.3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-4210 2013-10-01 15h00 +00:00 The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors.
5
CVE-2013-2165 2013-07-22 17h00 +00:00 ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data.
7.5
CVE-2011-2908 2012-11-23 19h00 +00:00 Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users for requests that perform operations on MBeans and possibly execute arbitrary code via unspecified vectors.
6