1584490 – (CVE-2018-12533) CVE-2018-12533 RichFaces: Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource

Bug 1584490 (CVE-2018-12533) - CVE-2018-12533 RichFaces: Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource

Summary: CVE-2018-12533 RichFaces: Injection of arbitrary EL expressions allows remote...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-12533
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1584664 1584908 1584942 1637230
Blocks:	1584491
TreeView+	depends on / blocked

Reported:	2018-05-31 04:07 UTC by Sam Fowler
Modified:	2021-09-09 14:19 UTC (History)
CC List:	54 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-10 10:27:04 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2018:2663	None	None	None	2018-09-10 14:43:42 UTC
Red Hat Product Errata	RHSA-2018:2664	None	None	None	2018-09-10 14:52:46 UTC
Red Hat Product Errata	RHSA-2018:2930	None	None	None	2018-10-16 17:06:09 UTC

Description Sam Fowler 2018-05-31 04:07:59 UTC

RichFaces versions 3.x through 3.3.4 is vulnerable to injection of arbitrary EL expressions in org.richfaces.renderkit.html.Paint2DResource allowing remote attackers to execute arbitrary code.


External Reference:

https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html

Comment 1 Sam Fowler 2018-05-31 04:28:49 UTC

Upstream issue:

https://issues.jboss.org/browse/RF-14310

Comment 11 errata-xmlrpc 2018-09-10 14:43:24 UTC

This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2018:2663 https://access.redhat.com/errata/RHSA-2018:2663

Comment 12 errata-xmlrpc 2018-09-10 14:52:30 UTC

This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 5 for RHEL 5
  Red Hat JBoss Enterprise Application Platform 5 for RHEL 6

Via RHSA-2018:2664 https://access.redhat.com/errata/RHSA-2018:2664

Comment 14 errata-xmlrpc 2018-10-16 17:05:52 UTC

This issue has been addressed in the following products:

  Red Hat JBoss Operations Network

Via RHSA-2018:2930 https://access.redhat.com/errata/RHSA-2018:2930

Note You need to log in before you can comment on or make changes to this bug.

aileenc
alazarot
anstephe
bmaxwell
cdewolf
chazlett
csutherl
darran.lofthouse
dereed
dimitris
dosoudil
drieden
etirelli
fgavrilo
gvarsami
ibek
jawilson
jboss-set
jcoleman
jolee
jondruse
jschatte
jstastny
kconner
krathod
kverlaen
ldimaggi
lgao
loleary
lpetrovi
myarboro
nwallace
paradhya
pgier
pjurak
ppalaga
psakar
pslavice
rnetuka
rrajasek
rstancel
rsvoboda
rsynek
rwagner
rzhang
sdaley
sfowler
spinder
tcunning
theute
tkirby
twalsh
vhalbert
vtunka