A flaw was found in Apache Camel's parsing of the FILE_NAME header. A remote attacker able to submit messages to a Camel route, which would write the provided message to a file, could provide expression language (EL) expressions in the FILE_NAME header, which would be evaluated on the server. This could lead to arbitrary remote code execution in the context of the Camel server process.

External References:
https://issues.apache.org/jira/browse/CAMEL-6734
https://issues.apache.org/jira/browse/CAMEL-6748
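As an added defence-in-depth illustration (not code from the Camel project or from this bug report), the route below validates the CamelFileName header before the message reaches a file endpoint, so a value carrying expression syntax or directory components is rejected instead of written. The endpoint URIs, class and constant names are assumptions; applying the vendor erratum remains the actual fix.

```java
import org.apache.camel.Exchange;
import org.apache.camel.builder.RouteBuilder;

// Added example, not Camel project code: fail closed on a hostile
// CamelFileName header rather than letting the file producer interpret it.
public class SafeFileNameRoute extends RouteBuilder {

    // Hypothetical limit chosen for this example.
    static final int MAX_NAME_LENGTH = 128;

    /** Returns true only for a plain file name with no expression or path syntax. */
    public static boolean isSafeFileName(String name) {
        if (name == null || name.isEmpty() || name.length() > MAX_NAME_LENGTH) {
            return false;
        }
        // Camel's Simple language is introduced by "${"; reject it explicitly
        // so the reason for the rejection is visible to whoever reads the logs.
        if (name.contains("${")) {
            return false;
        }
        // No directory components: keep the write inside the endpoint directory.
        if (name.contains("/") || name.contains("\\") || name.contains("..")) {
            return false;
        }
        // Conservative allow-list; this also excludes '$', '{' and '}'.
        return name.matches("[A-Za-z0-9._-]+");
    }

    @Override
    public void configure() {
        // "direct:ingest" and the output directory are placeholders.
        from("direct:ingest")
            .process(exchange -> {
                String name = exchange.getIn().getHeader(Exchange.FILE_NAME, String.class);
                if (!isSafeFileName(name)) {
                    // Do not fall back to the untrusted value; stop the exchange.
                    throw new IllegalArgumentException("rejected CamelFileName header: " + name);
                }
            })
            .to("file:/var/lib/app/outbox");
    }
}
```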
*** Bug 995275 has been marked as a duplicate of this bug. ***
*** Bug 1011695 has been marked as a duplicate of this bug. ***
*** Bug 1011678 has been marked as a duplicate of this bug. ***
External References: http://camel.apache.org/security-advisories.data/CVE-2013-4330.txt.asc
This issue has been addressed in the following products:
  Red Hat JBoss Fuse 6.0.0
  Red Hat JBoss A-MQ 6.0.0
Via RHSA-2013:1410 https://rhn.redhat.com/errata/RHSA-2013-1410.html
This issue has been addressed in the following products:
  Fuse ESB Enterprise 7.1.0
  Fuse MQ Enterprise 7.1.0
Via RHSA-2013:1862 https://rhn.redhat.com/errata/RHSA-2013-1862.html
This issue has been addressed in the following products:
  Red Hat JBoss Fuse Service Works 6.0.0
Via RHSA-2014:0124 https://rhn.redhat.com/errata/RHSA-2014-0124.html
This issue has been addressed in the following products:
  Red Hat JBoss BRMS 6.0.0
  Red Hat JBoss BPMS 6.0.0
Via RHSA-2014:0140 https://rhn.redhat.com/errata/RHSA-2014-0140.html
This issue has been addressed in the following products:
  RHEL 6 Version of OpenShift Enterprise 2.0
Via RHSA-2014:0245 https://rhn.redhat.com/errata/RHSA-2014-0245.html
This issue has been addressed in the following products:
  RHEL 6 Version of OpenShift Enterprise 1.2
Via RHSA-2014:0254 https://rhn.redhat.com/errata/RHSA-2014-0254.html