Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-2186 |
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance. Published: October 28, 2013; 5:55:05 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-1976 |
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log. Published: July 09, 2013; 1:55:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |