Multiple Red Hat JBoss Products CVE-2014-3518 Remote Arbitrary Code Execution Vulnerability
BID:68890
Info
Multiple Red Hat JBoss Products CVE-2014-3518 Remote Arbitrary Code Execution Vulnerability
| Bugtraq ID: | 68890 |
| Class: | Unknown |
| CVE: |
CVE-2014-3518 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 16 2014 12:00AM |
| Updated: | Jul 16 2014 12:00AM |
| Credit: | Harun ESUR from Sceptive. |
| Vulnerable: |
Redhat JBoss SOA Platform 5.3.1 Redhat JBoss Portal 5.2.2 Redhat JBoss Enterprise Application Platform 5.2 Redhat JBoss BRMS 5.3.1 |
| Not Vulnerable: | |
Discussion
Multiple Red Hat JBoss Products CVE-2014-3518 Remote Arbitrary Code Execution Vulnerability
Multiple Red Hat JBoss Products are prone to a remote code-execution vulnerability.
Successfully exploiting this issue allows attackers to execute arbitrary code with context of the application.
The following products are vulnerable:
Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0
Red Hat JBoss BRMS 5.3.1
Red Hat JBoss Portal Platform 5.2.2
Red Hat JBoss SOA Platform 5.3.1
Multiple Red Hat JBoss Products are prone to a remote code-execution vulnerability.
Successfully exploiting this issue allows attackers to execute arbitrary code with context of the application.
The following products are vulnerable:
Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0
Red Hat JBoss BRMS 5.3.1
Red Hat JBoss Portal Platform 5.2.2
Red Hat JBoss SOA Platform 5.3.1
Exploit / POC
Multiple Red Hat JBoss Products CVE-2014-3518 Remote Arbitrary Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Multiple Red Hat JBoss Products CVE-2014-3518 Remote Arbitrary Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Multiple Red Hat JBoss Products CVE-2014-3518 Remote Arbitrary Code Execution Vulnerability
References:
References: