The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of RedHat JBoss Enterprise Application Platform

computer weakness note CVE-2014-0107

Xalan-Java: vulnerabilities of FEATURE_SECURE_PROCESSING

Synthesis of the vulnerability

An attacker can use several vulnerabilities of the FEATURE_SECURE_PROCESSING implementation in Xalan-Java.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 25/03/2014.
Identifiers: c05324755, CERTFR-2014-AVI-252, CERTFR-2014-AVI-365, CVE-2014-0107, DSA-2886-1, FEDORA-2014-4426, FEDORA-2014-4443, HPSBGN03669, oCERT-2014-002, openSUSE-SU-2014:0861-1, openSUSE-SU-2014:0948-1, RHSA-2014:0348-01, RHSA-2014:0453-01, RHSA-2014:0454-01, RHSA-2014:0590-01, RHSA-2014:0591-01, RHSA-2014:0818-01, RHSA-2014:0819-01, RHSA-2014:1007-01, RHSA-2014:1059-01, RHSA-2014:1290-01, RHSA-2014:1291-01, RHSA-2014:1351-01, RHSA-2014:1369-01, RHSA-2014:1995-01, RHSA-2015:1009, SUSE-SU-2014:0870-1, USN-2218-1, VIGILANCE-VUL-14468, XALANJ-2435.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The FEATURE_SECURE_PROCESSING (http://javax.xml.XMLConstants/feature/secure-processing) constant requires Xalan-Java to analyze XML files in a secure way, in order for example to block denial of service attacks. However, it is impacted by three vulnerabilities.

An attacker can access to XSLT 1.0 system-property(), in order to obtain sensitive information. [severity:2/4]

The xalan:content-handler and xalan:entities properties can be used to load a class or an external resource. [severity:2/4; XALANJ-2435]

If BSF (Bean Scripting Framework) is in the classpath, an attacker can open a JAR, in order to execute code. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-6438

Apache HTTP Server: denial of service via mod_dav

Synthesis of the vulnerability

An attacker can send a DAV WRITE query starting by spaces, in order to trigger a denial of service in mod_dav of Apache HTTP Server.
Severity: 2/4.
Creation date: 18/03/2014.
Identifiers: c04223376, c04483248, CERTFR-2014-AVI-131, CERTFR-2014-AVI-244, CERTFR-2014-AVI-250, CERTFR-2015-AVI-286, CERTFR-2015-AVI-431, CERTFR-2016-AVI-300, CVE-2013-6438, FEDORA-2014-5004, HPSBUX03102, HPSBUX03150, JSA10685, JSA10698, MDVSA-2014:065, MDVSA-2015:093, openSUSE-SU-2014:0969-1, openSUSE-SU-2014:1044-1, openSUSE-SU-2014:1045-1, openSUSE-SU-2014:1647-1, RHSA-2014:0369-01, RHSA-2014:0370-01, RHSA-2014:0783-01, RHSA-2014:0784-01, RHSA-2014:0825-01, RHSA-2014:0826-01, SOL15300, SSA:2014-086-02, SSRT101681, SUSE-SU-2014:0967-1, SUSE-SU-2014:1080-1, SUSE-SU-2014:1081-1, SUSE-SU-2014:1082-1, USN-2152-1, VIGILANCE-VUL-14439.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The mod_dav module can be enabled on Apache HTTP Server, to edit documents online.

When data starts by a space, they are removed. However, the size of data is not updated, so the '\0' terminator is written outside the array, which leads to a fatal error.

An attacker can therefore send a DAV WRITE query starting by spaces, in order to trigger a denial of service in mod_dav of Apache HTTP Server.
Full Vigil@nce bulletin... (Free trial)

computer weakness alert CVE-2014-0098

Apache HTTP Server: denial of service via mod_log_config

Synthesis of the vulnerability

An attacker can use a truncated cookie, in order to trigger a denial of service in mod_log_config of Apache HTTP Server.
Severity: 2/4.
Creation date: 18/03/2014.
Identifiers: c04223376, c04483248, CERTFR-2014-AVI-131, CERTFR-2014-AVI-244, CERTFR-2015-AVI-286, CERTFR-2015-AVI-431, CERTFR-2016-AVI-300, CVE-2014-0098, FEDORA-2014-4555, FEDORA-2014-5004, HPSBUX03102, HPSBUX03150, JSA10685, JSA10698, MDVSA-2014:065, MDVSA-2015:093, openSUSE-SU-2014:0969-1, openSUSE-SU-2014:1044-1, openSUSE-SU-2014:1045-1, openSUSE-SU-2014:1647-1, RHSA-2014:0369-01, RHSA-2014:0370-01, RHSA-2014:0783-01, RHSA-2014:0784-01, RHSA-2014:0825-01, RHSA-2014:0826-01, SSA:2014-086-02, SSRT101681, SUSE-SU-2014:0967-1, SUSE-SU-2014:1080-1, SUSE-SU-2014:1081-1, SUSE-SU-2014:1082-1, USN-2152-1, VIGILANCE-VUL-14438.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

To define cookies, web clients use an HTTP header like:
  Cookie: name=value; name2=value2

The mod_log_config module logs HTTP queries received by Apache httpd. However, if a cookie has no value, a fatal error occurs in the log_cookie() function of the modules/loggers/mod_log_config.c file.

An attacker can therefore use a truncated cookie, in order to trigger a denial of service in mod_log_config of Apache HTTP Server.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-4286

Apache Tomcat: data injection via Content-Length

Synthesis of the vulnerability

An attacker can use two Content-Length headers in order to alter behaviour of HTTP data analysis.
Severity: 1/4.
Creation date: 25/02/2014.
Identifiers: BID-65773, c04483248, CERTFR-2014-AVI-244, cpuoct2016, CVE-2013-4286, DSA-2897-1, DSA-3530-1, FEDORA-2014-11048, HPSBUX03150, MDVSA-2015:052, RHSA-2014:0343-01, RHSA-2014:0344-01, RHSA-2014:0345-01, RHSA-2014:0373-01, RHSA-2014:0374-01, RHSA-2014:0429-01, RHSA-2014:0458-01, RHSA-2014:0459-01, RHSA-2014:0511-01, RHSA-2014:0525-01, RHSA-2014:0526-01, RHSA-2014:0527-01, RHSA-2014:0528-01, RHSA-2014:0686-01, RHSA-2015:1009, SB10079, SSRT101681, USN-2130-1, VIGILANCE-VUL-14307.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Content-Length header indicates size of HTTP data.

When two or several Content-Length headers are present, each entity (client, proxy, server) can take a different decision:
 - use first value
 - use last value
 - etc.
These different behaviors for example permit to inject data to corrupt a cache or obtain sensitive information (VIGILANCE-VUL-4047, VIGILANCE-VUL-6675).

The HTTP and AJP connectors of Tomcat server do not ignore these multiple headers, and are thus impacted by this attack family.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2012-0874 CVE-2013-4810

JBoss AS 4, 5: code execution via Invoker

Synthesis of the vulnerability

An attacker can use EJBInvokerServlet / JMXInvokerServlet of JBoss AS 4/5, in order to deploy a shell code, which is executed on the server.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 20/11/2013.
Identifiers: 795645, BID-57552, CVE-2012-0874, CVE-2013-4810, RHSA-2013:0191-01, RHSA-2013:0192-01, RHSA-2013:0193-01, RHSA-2013:0194-01, RHSA-2013:0195-01, RHSA-2013:0196-01, RHSA-2013:0197-01, RHSA-2013:0198-01, RHSA-2013:0221-01, RHSA-2013:0533-01, VIGILANCE-VUL-13802.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

In versions 4 and 5 of JBoss AS, the HTTP Invoker service is used to access to EJB (Enterprise Java Beans) via RMI/HTTP.

However, access to the EJBInvokerServlet and JMXInvokerServlet servlets does not require an authentication by default.

An attacker can therefore use EJBInvokerServlet / JMXInvokerServlet of JBoss AS 4/5, in order to deploy a shell code, which is executed on the server.
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2013-3829 CVE-2013-4002 CVE-2013-5772

Oracle Java: multiple vulnerabilities of October 2013

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle Java.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 51.
Creation date: 16/10/2013.
Identifiers: 1663589, 1663930, 1664550, 1670264, 1671933, BID-63079, BID-63082, BID-63089, BID-63095, BID-63098, BID-63101, BID-63102, BID-63103, BID-63106, BID-63110, BID-63111, BID-63112, BID-63115, BID-63118, BID-63120, BID-63121, BID-63122, BID-63124, BID-63126, BID-63127, BID-63128, BID-63129, BID-63130, BID-63131, BID-63132, BID-63133, BID-63134, BID-63135, BID-63136, BID-63137, BID-63139, BID-63140, BID-63141, BID-63142, BID-63143, BID-63144, BID-63145, BID-63146, BID-63147, BID-63148, BID-63149, BID-63150, BID-63151, BID-63152, BID-63153, BID-63154, BID-63155, BID-63156, BID-63157, BID-63158, c04031205, c04031212, CERTA-2013-AVI-586, CERTFR-2014-AVI-117, CERTFR-2014-AVI-199, cpuoct2013, CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5775, CVE-2013-5776, CVE-2013-5777, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5788, CVE-2013-5789, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5805, CVE-2013-5806, CVE-2013-5809, CVE-2013-5810, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842, CVE-2013-5843, CVE-2013-5844, CVE-2013-5846, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850, CVE-2013-5851, CVE-2013-5852, CVE-2013-5854, FEDORA-2013-19285, FEDORA-2013-19338, HPSBUX02943, HPSBUX02944, MDVSA-2013:266, MDVSA-2013:267, openSUSE-SU-2013:1663-1, openSUSE-SU-2013:1968-1, RHSA-2013:1440-01, RHSA-2013:1447-01, RHSA-2013:1451-01, RHSA-2013:1505-01, RHSA-2013:1507-01, RHSA-2013:1508-01, RHSA-2013:1509-01, RHSA-2013:1793-01, RHSA-2014:1319-01, RHSA-2014:1818-01, RHSA-2014:1821-01, RHSA-2014:1822-01, RHSA-2014:1823-01, RHSA-2015:0269-01, RHSA-2015:0675-01, RHSA-2015:0773-01, SB10058, SE-2012-01, SOL16872, SOL48802597, SUSE-SU-2013:1666-1, SUSE-SU-2013:1669-1, SUSE-SU-2013:1677-2, SUSE-SU-2013:1677-3, VIGILANCE-VUL-13601, VMSA-2014-0002, ZDI-13-244, ZDI-13-245, ZDI-13-246, ZDI-13-247, ZDI-13-248.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Oracle Java.

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63103, CVE-2013-5782]

An attacker can use a vulnerability of Libraries via LDAP Deserialization, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63121, CVE-2013-5830, ZDI-13-248]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63118, CVE-2013-5809]

An attacker can use a vulnerability of 2D via FileImageInputStream, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63137, CVE-2013-5829, ZDI-13-247]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63143, CVE-2013-5814]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63139, CVE-2013-5824]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63145, CVE-2013-5788]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63155, CVE-2013-5787]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63156, CVE-2013-5789]

An attacker can use a vulnerability of JNDI via LdapCtx, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63146, CVE-2013-5817, ZDI-13-244]

An attacker can use a vulnerability of Libraries via ObjectOutputStream, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63150, CVE-2013-5842, ZDI-13-246]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63151, CVE-2013-5843]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63158, CVE-2013-5832]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63153, CVE-2013-5850]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63131, CVE-2013-5838]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63112, CVE-2013-5805]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63122, CVE-2013-5806]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63127, CVE-2013-5846]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63132, CVE-2013-5810]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63136, CVE-2013-5844]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63140, CVE-2013-5777]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63130, CVE-2013-5852]

An attacker can use a vulnerability of JAXP, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63135, CVE-2013-5802]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; BID-63144, CVE-2013-5775]

An attacker can use a vulnerability of Javadoc, in order to obtain or alter information. [severity:3/4; BID-63149, CVE-2013-5804]

An attacker can use a vulnerability of Deployment, in order to obtain information, or to trigger a denial of service. [severity:3/4; BID-63126, CVE-2013-5812]

An attacker can use a vulnerability of Libraries, in order to obtain or alter information. [severity:3/4; BID-63120, CVE-2013-3829]

An attacker can use a vulnerability of Swing NumberFormatter and RealTimeSequencer, in order to obtain or alter information. [severity:3/4; BID-63154, CVE-2013-5783, ZDI-13-245]

An attacker can use a vulnerability of JAXP, in order to trigger a denial of service. [severity:2/4; BID-63101, CVE-2013-5825]

An attacker can use a vulnerability of JAXP, in order to trigger a denial of service. [severity:2/4; CVE-2013-4002]

An attacker can use a vulnerability of Security, in order to trigger a denial of service. [severity:2/4; BID-63110, CVE-2013-5823]

An attacker can use a vulnerability of 2D, in order to obtain information. [severity:2/4; BID-63134, CVE-2013-5778]

An attacker can use a vulnerability of 2D, in order to obtain information. [severity:2/4; BID-63147, CVE-2013-5801]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-63152, CVE-2013-5776]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-63157, CVE-2013-5818]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-63141, CVE-2013-5819]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-63129, CVE-2013-5831]

An attacker can use a vulnerability of JAX-WS, in order to alter information. [severity:2/4; BID-63133, CVE-2013-5820]

An attacker can use a vulnerability of JAXP, in order to obtain information. [severity:2/4; BID-63142, CVE-2013-5851]

An attacker can use a vulnerability of Libraries, in order to obtain information. [severity:2/4; BID-63148, CVE-2013-5840]

An attacker can use a vulnerability of Libraries, in order to alter information. [severity:2/4; BID-63128, CVE-2013-5774]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-63124, CVE-2013-5848]

An attacker can use a vulnerability of Libraries, in order to obtain information. [severity:2/4; BID-63115, CVE-2013-5780]

An attacker can use a vulnerability of JGSS, in order to obtain information. [severity:2/4; BID-63111, CVE-2013-5800]

An attacker can use a vulnerability of AWT, in order to obtain information. [severity:2/4; BID-63106, CVE-2013-5849]

An attacker can use a vulnerability of BEANS, in order to obtain information. [severity:2/4; BID-63102, CVE-2013-5790]

An attacker can use a vulnerability of SCRIPTING, in order to alter information. [severity:2/4; BID-63098, CVE-2013-5784]

An attacker can use a vulnerability of Javadoc, in order to alter information. [severity:2/4; BID-63095, CVE-2013-5797]

An attacker can use a vulnerability of jhat, in order to alter information. [severity:1/4; BID-63089, CVE-2013-5772]

An attacker can use a vulnerability of JGSS, in order to trigger a denial of service. [severity:1/4; BID-63082, CVE-2013-5803]

An attacker can use a vulnerability of JavaFX, in order to obtain information. [severity:1/4; BID-63079, CVE-2013-5854]
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2013-1896

Apache HTTP Server: denial of service via mod_dav

Synthesis of the vulnerability

An attacker can send a MERGE query for mod_dav of Apache HTTP Server, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 15/07/2013.
Identifiers: BID-61129, c03922406, CERTA-2013-AVI-435, CERTA-2013-AVI-543, CERTA-2013-AVI-590, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CERTFR-2015-AVI-286, CVE-2013-1896, FEDORA-2013-13922, FEDORA-2013-13994, HPSBUX02927, JSA10685, MDVSA-2013:193, openSUSE-SU-2013:1337-1, openSUSE-SU-2013:1340-1, openSUSE-SU-2013:1341-1, openSUSE-SU-2014:1647-1, RHSA-2013:1133-01, RHSA-2013:1134-01, RHSA-2013:1156-01, RHSA-2013:1207-01, RHSA-2013:1208-01, RHSA-2013:1209-01, SSA:2013-218-02, SSRT101288, SUSE-SU-2014:1082-1, VIGILANCE-VUL-13117.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The mod_dav (DAV, Distributed Authoring and Versioning) module can be installed in Apache HTTP Server.

The MERGE command of mod_dav_svn applies differences between two Subversion information sources. However, if this command indicates an URI which is not configured for DAV, a segmentation fault occurs in mod_dav.

An attacker can therefore send a MERGE query for mod_dav of Apache HTTP Server, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2013-1862

Apache httpd 2.2: character injection via mod_rewrite

Synthesis of the vulnerability

An attacker can use special characters, which are not filtered by mod_rewrite of Apache httpd 2.2, in order to inject them in the log file.
Severity: 2/4.
Creation date: 14/05/2013.
Identifiers: BID-59826, c03922406, CERTA-2013-AVI-332, CERTA-2013-AVI-543, CERTA-2013-AVI-590, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CERTFR-2014-AVI-502, CERTFR-2015-AVI-286, CVE-2013-1862, HPSBUX02927, JSA10685, MDVSA-2013:174, openSUSE-SU-2013:1337-1, openSUSE-SU-2013:1340-1, openSUSE-SU-2013:1341-1, openSUSE-SU-2014:1647-1, RHSA-2013:0815-01, RHSA-2013:1133-01, RHSA-2013:1134-01, RHSA-2013:1207-01, RHSA-2013:1208-01, RHSA-2013:1209-01, SOL15877, SSRT101288, SUSE-SU-2014:1082-1, VIGILANCE-VUL-12790.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The mod_rewrite module of Apache httpd is used to edit queries. The RewriteLog directive of Apache 2.2 indicates the filename where to log performed modifications.

However, special characters contained in the client name, the username and the free text are not filtered.

An attacker can therefore use special characters, which are not filtered by mod_rewrite of Apache httpd 2.2, in order to inject them in the log file.

If the attacker injects ANSI escape sequences, they are then interpreted when the administrator displays log files in a shell terminal.
Full Vigil@nce bulletin... (Free trial)

computer weakness alert CVE-2012-4558

Apache httpd: Cross Site Scripting of mod_proxy_balancer

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Apache httpd mod_proxy_balancer, in order to execute JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 25/02/2013.
Identifiers: BID-58165, CERTA-2013-AVI-153, CERTA-2013-AVI-387, CERTFR-2014-AVI-112, CERTFR-2015-AVI-286, CVE-2012-4558, DSA-2637-1, FEDORA-2013-4541, JSA10685, MDVSA-2013:015, MDVSA-2013:015-1, openSUSE-SU-2013:0629-1, openSUSE-SU-2013:0632-1, RHSA-2013:0815-01, RHSA-2013:1012-01, RHSA-2013:1013-01, RHSA-2013:1207-01, RHSA-2013:1208-01, RHSA-2013:1209-01, SSA:2013-062-01, VIGILANCE-VUL-12458.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Apache httpd mod_proxy_balancer module is used to balance the load between several mod_proxy services.

However, the manager interface of this module does not correctly validate received data before displaying them in the generated web document.

An attacker can therefore trigger a Cross Site Scripting in Apache httpd mod_proxy_balancer, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2012-3499

Apache httpd: Cross Site Scripting of modules

Synthesis of the vulnerability

An attacker can trigger several Cross Site Scripting in the mod_info, mod_status, mod_imagemap, mod_ldap and mod_proxy_ftp modules, in order to execute JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 25/02/2013.
Identifiers: BID-58165, c03734195, CERTA-2013-AVI-153, CERTA-2013-AVI-387, CERTA-2013-AVI-543, CERTA-2013-AVI-590, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CERTFR-2015-AVI-286, CVE-2012-3499, DSA-2637-1, FEDORA-2013-4541, HPSBUX02866, JSA10685, MDVSA-2013:015, MDVSA-2013:015-1, openSUSE-SU-2013:0629-1, openSUSE-SU-2013:0632-1, RHSA-2013:0815-01, RHSA-2013:1012-01, RHSA-2013:1013-01, RHSA-2013:1207-01, RHSA-2013:1208-01, RHSA-2013:1209-01, SSA:2013-062-01, SSRT101139, VIGILANCE-VUL-12457.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Apache httpd service can use several modules.

However, the mod_info, mod_status, mod_imagemap, mod_ldap and mod_proxy_ftp modules do not correctly validate received data before displaying them in the generated web document.

An attacker can therefore trigger several Cross Site Scripting in the mod_info, mod_status, mod_imagemap, mod_ldap and mod_proxy_ftp modules, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about RedHat JBoss Enterprise Application Platform: