Bug 973570 (CVE-2013-2165)
| Summary: | CVE-2013-2165 JBoss RichFaces: Remote code execution due to insecure deserialization | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Arun Babu Neelicattu <aneelica> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | unspecified | CC: | bleathem, bmaxwell, ccrouch, djorm, grocha, jlieskov, jlivings, jrusnack, lfryc, lgao, mnovotny, osoukup, rcvalle, security-response-team, spinder, theute, weli |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-07-11 05:03:23 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 973872, 973873, 973874, 973875, 973876, 973878, 978369, 978474, 978907, 979405 | ||
| Bug Blocks: | 973001, 1025132 | ||
|
Description
Arun Babu Neelicattu
2013-06-12 08:48:56 UTC
This issue has been addressed in following products: Red Hat JBoss Web Framework Kit 2.3.0 Via RHSA-2013:1041 https://rhn.redhat.com/errata/RHSA-2013-1041.html This issue has been addressed in following products: JBEWP 5 for RHEL 6 JBEWP 5 for RHEL 5 JBEWP 5 for RHEL 4 Via RHSA-2013:1043 https://rhn.redhat.com/errata/RHSA-2013-1043.html This issue has been addressed in following products: JBEAP 5 for RHEL 6 JBEAP 5 for RHEL 5 JBEAP 5 for RHEL 4 Via RHSA-2013:1042 https://rhn.redhat.com/errata/RHSA-2013-1042.html This issue has been addressed in following products: Red Hat JBoss Enterprise Application Platform 4.3.0 CP10 Red Hat JBoss Enterprise Application Platform 5.2.0 Red Hat JBoss Web Platform 5.2.0 Red Hat JBoss BRMS 5.3.1 Red Hat JBoss SOA Platform 4.3.0 CP05 Red Hat JBoss SOA Platform 5.3.1 Red Hat JBoss Portal 4.3 CP07 Red Hat JBoss Portal 5.2.2 Red Hat JBoss Operations Network 2.4.2 Red Hat JBoss Operations Network 3.1.2 Via RHSA-2013:1045 https://rhn.redhat.com/errata/RHSA-2013-1045.html This issue has been addressed in following products: JBEAP 4.3.0 for RHEL 4 JBEAP 4.3.0 for RHEL 5 Via RHSA-2013:1044 https://rhn.redhat.com/errata/RHSA-2013-1044.html |