Bug 973570 (CVE-2013-2165) - CVE-2013-2165 JBoss RichFaces: Remote code execution due to insecure deserialization
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-2165
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: urgent
Severity: urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 973872 973873 973874 973875 973876 973878 978369 978474 978907 979405
Blocks: 973001 1025132
Reported: 2013-06-12 08:48 UTC by Arun Babu Neelicattu
Modified: 2019-09-29 13:05 UTC
CC List: 16 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-07-11 05:03:23 UTC


Links
System | ID | Priority | Status | Summary | Last Updated
JBoss Issue Tracker | JBPAPP-10776 | Critical | Resolved | CVE-2013-2165 JBoss RichFaces Issue [eap-5] | 2018-11-13 06:18:54 UTC
JBoss Issue Tracker | JBPAPP-10777 | Critical | Resolved | CVE-2013-2165 JBoss RichFaces Issue [eap-4] | 2018-11-13 06:18:54 UTC
JBoss Issue Tracker | JBPAPP-11268 | Blocker | Pending Upload to Patch Repository | CVE-2018-12533 RichFaces: Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit... | 2018-11-13 06:18:54 UTC
Red Hat Product Errata | RHSA-2013:1041 | normal | SHIPPED_LIVE | Critical: Red Hat JBoss Web Framework Kit 2.3.0 update | 2013-07-11 03:44:29 UTC
Red Hat Product Errata | RHSA-2013:1042 | normal | SHIPPED_LIVE | Critical: richfaces security update | 2013-07-11 03:55:30 UTC
Red Hat Product Errata | RHSA-2013:1043 | normal | SHIPPED_LIVE | Critical: richfaces security update | 2013-07-11 03:55:22 UTC
Red Hat Product Errata | RHSA-2013:1044 | normal | SHIPPED_LIVE | Critical: jboss-seam2 security update | 2013-07-11 04:17:04 UTC
Red Hat Product Errata | RHSA-2013:1045 | normal | SHIPPED_LIVE | Critical: RichFaces security update | 2013-07-11 04:16:59 UTC

Description Arun Babu Neelicattu 2013-06-12 08:48:56 UTC
A flaw was found in the way JBoss RichFaces handled deserialization. A remote attacker could use this flaw to trigger the execution of the deserialization methods in any serializable class deployed on the server. This could lead to a variety of security impacts depending on the deserialization logic of these classes.
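A defensive pattern for the class of flaw described above, added here as an example and not code from RichFaces or from the Red Hat errata: an ObjectInputStream subclass that refuses to resolve any class not on an explicit allow list, so bytes from an untrusted stream cannot reach the deserialization hooks of arbitrary classes deployed on the server. AllowListObjectInputStream and ResourceKey are hypothetical names, the serialized sample is constructed inline, and Java 9 or later is assumed for Set.of.

```java
import java.io.*;
import java.util.Set;
// Hypothetical allow-listing ObjectInputStream: any class descriptor whose name is
// not explicitly expected is rejected before the class is loaded, so readObject()
// and readResolve() of unrelated server-side classes are never invoked.
public class AllowListObjectInputStream extends ObjectInputStream {
    private final Set<String> allowed;
    public AllowListObjectInputStream(InputStream in, Set<String> allowed) throws IOException {
        super(in);
        this.allowed = allowed;
    }
    @Override
    protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException {
        String name = desc.getName();
        if (!allowed.contains(name)) {
            // Fail closed: the class is neither loaded nor instantiated.
            throw new InvalidClassException(name, "class not on the deserialization allow list");
        }
        return super.resolveClass(desc);
    }
    // Hypothetical descriptor type (constructed sample) that the server legitimately expects.
    public static final class ResourceKey implements Serializable {
        private static final long serialVersionUID = 1L;
        final String path;
        ResourceKey(String path) { this.path = path; }
    }
    public static void main(String[] args) throws Exception {
        // Build a constructed sample stream containing only the expected type.
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(new ResourceKey("/css/main.css"));
        }
        byte[] stream = bos.toByteArray();
        // With ResourceKey on the allow list the stream is accepted.
        Set<String> allowed = Set.of(ResourceKey.class.getName());
        try (ObjectInputStream in = new AllowListObjectInputStream(new ByteArrayInputStream(stream), allowed)) {
            ResourceKey key = (ResourceKey) in.readObject();
            System.out.println("accepted: " + key.path);
        }
        // The same bytes read with an empty allow list are rejected at class resolution time.
        try (ObjectInputStream in = new AllowListObjectInputStream(new ByteArrayInputStream(stream), Set.of())) {
            in.readObject();
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

On Java 9 and later the same allow-listing can be applied without subclassing via ObjectInputStream.setObjectInputFilter (java.io.ObjectInputFilter), which also lets you bound array sizes and graph depth.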

Comment 4 David Jorm 2013-06-13 09:23:22 UTC
Acknowledgements:

Red Hat would like to thank Takeshi Terada (Mitsui Bussan Secure Directions, Inc.) for reporting this issue.

Comment 9 errata-xmlrpc 2013-07-10 23:45:51 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Web Framework Kit 2.3.0

Via RHSA-2013:1041 https://rhn.redhat.com/errata/RHSA-2013-1041.html

Comment 10 errata-xmlrpc 2013-07-10 23:57:02 UTC
This issue has been addressed in the following products:

  JBEWP 5 for RHEL 6
  JBEWP 5 for RHEL 5
  JBEWP 5 for RHEL 4

Via RHSA-2013:1043 https://rhn.redhat.com/errata/RHSA-2013-1043.html

Comment 11 errata-xmlrpc 2013-07-10 23:57:11 UTC
This issue has been addressed in the following products:

  JBEAP 5 for RHEL 6
  JBEAP 5 for RHEL 5
  JBEAP 5 for RHEL 4

Via RHSA-2013:1042 https://rhn.redhat.com/errata/RHSA-2013-1042.html

Comment 12 errata-xmlrpc 2013-07-11 00:18:27 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 4.3.0 CP10
  Red Hat JBoss Enterprise Application Platform 5.2.0
  Red Hat JBoss Web Platform 5.2.0
  Red Hat JBoss BRMS 5.3.1
  Red Hat JBoss SOA Platform 4.3.0 CP05
  Red Hat JBoss SOA Platform 5.3.1
  Red Hat JBoss Portal 4.3 CP07
  Red Hat JBoss Portal 5.2.2
  Red Hat JBoss Operations Network 2.4.2
  Red Hat JBoss Operations Network 3.1.2

Via RHSA-2013:1045 https://rhn.redhat.com/errata/RHSA-2013-1045.html

Comment 13 errata-xmlrpc 2013-07-11 00:20:16 UTC
This issue has been addressed in the following products:

  JBEAP 4.3.0 for RHEL 4
  JBEAP 4.3.0 for RHEL 5

Via RHSA-2013:1044 https://rhn.redhat.com/errata/RHSA-2013-1044.html