[
https://issues.jboss.org/browse/JBADMCON-172?page=com.atlassian.jira.plug...
]
Renaud Dubourguais updated JBADMCON-172:
----------------------------------------
Workaround Description: Upgrade to the latest version of the SEAM framework.
Workaround: Workaround Exists
CVE-2010-1871 still affects the Admin Console deployed in JBoss AS 5
and 6
--------------------------------------------------------------------------
Key: JBADMCON-172
URL:
https://issues.jboss.org/browse/JBADMCON-172
Project: JBoss Admin Console
Issue Type: Bug
Components: General Console
Affects Versions: 1.0 alpha, 1.1 alpha, 2.0 alpha
Reporter: Renaud Dubourguais
The version of the SEAM framework used by the Admin Console in JBoss AS 5 and 6 is still
affected by the CVE-2010-1871. (The Red Hat version is already patched).
This vulnerability allows pre-authentication remote code execution and functional public
exploits exist.
For more details about this issue:
-
http://blog.o0o.nu/2010/07/cve-2010-1871-jboss-seam-framework.html
-
https://access.redhat.com/security/cve/CVE-2010-1871
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira