CPE-EBD14958-1FD3-4016-8D30-AC8FA86869F2 Détail

CPE Details

Red Hat JBoss Enterprise Portal Platform 6.0.0

Vendor

redhat

Product

jboss_enterprise_portal_platform

Version

6.0.0

Created

2013-10-29
13h24 +00:00

Modifié

2013-10-29
13h27 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:::::::*

Informations

Vendor

redhat

Product

jboss_enterprise_portal_platform

Version

6.0.0

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score
CVE-2013-2185	2014-01-19 15h00 +00:00	The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue	7.5
CVE-2012-4572	2013-10-28 21h00 +00:00	Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application.	3.7
CVE-2013-2102	2013-10-28 21h00 +00:00	The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the service.	3.3
CVE-2013-2186	2013-10-28 20h00 +00:00	The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.	7.5

Red Hat JBoss Enterprise Portal Platform 6.0.0

CPE Details

CPE Name: cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:::::::*