CVE-2013-2035 - Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJ

CVE-2013-2035

Summary

Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp.

References

Vulnerable Configurations

cpe:2.3:a:redhat:hawtjni:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hawtjni:1.7:*:*:*:*:*:*:*

CVSS

Base:	4.4 (as of 18-01-2015 - 02:59)
Impact:
Exploitability:

CWE

CWE-94

CAPEC

Code Injection
An adversary exploits a weakness in input validation on the target to inject new code into that which is currently executing. This differs from code inclusion in that code inclusion involves the addition or replacement of a reference to a code file, which is subsequently loaded by the target and used as part of the code of some application.
Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
Manipulating User-Controlled Variables
This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2013:1029
rhsa
id RHSA-2013:1784
rhsa
id RHSA-2013:1785
rhsa
id RHSA-2013:1786
rhsa
id RHSA-2014:0029
rhsa
id RHSA-2014:0245
rhsa
id RHSA-2014:0254
rhsa
id RHSA-2014:0400
rhsa
id RHSA-2015:0034

rpms

antlr-eap6-0:2.7.7-17.redhat_4.1.ep6.el5
apache-commons-beanutils-0:1.8.3-13.redhat_6.1.ep6.el5
apache-commons-cli-0:1.2-8.redhat_3.1.ep6.el5
apache-commons-configuration-0:1.6-8.redhat_3.1.ep6.el5
apache-commons-daemon-eap6-1:1.0.15-5.redhat_1.ep6.el5
apache-commons-pool-eap6-0:1.6-7.redhat_6.1.ep6.el5
apache-cxf-0:2.7.7-1.redhat_1.1.ep6.el5
apache-cxf-xjc-utils-0:2.6.1-4.redhat_2.1.ep6.el5
apache-mime4j-0:0.6-8.redhat_3.1.ep6.el5
atinject-eap6-0:1-5.redhat_4.1.ep6.el5
cxf-xjc-boolean-0:2.6.1-4.redhat_2.1.ep6.el5
cxf-xjc-dv-0:2.6.1-4.redhat_2.1.ep6.el5
cxf-xjc-ts-0:2.6.1-4.redhat_2.1.ep6.el5
dom4j-eap6-0:1.6.1-20.redhat_6.1.ep6.el5
glassfish-jaxb-eap6-0:2.2.5-17.redhat_7.2.ep6.el5
glassfish-jsf-eap6-0:2.1.19-2.3.redhat_2.ep6.el5
glassfish-jsf12-eap6-0:1.2_15-5.b01_redhat_8.1.ep6.el5
gnu-getopt-0:1.0.13-3.redhat_4.1.ep6.el5
hibernate4-core-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el5
hibernate4-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el5
hibernate4-entitymanager-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el5
hibernate4-envers-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el5
hibernate4-infinispan-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el5
hornetq-0:2.3.12-1.Final_redhat_1.1.ep6.el5
hornetq-native-0:2.3.8-1.Final_redhat_1.ep6.el5
hornetq-native-debuginfo-0:2.3.8-1.Final_redhat_1.ep6.el5
httpserver-0:1.0.1-4.Final_redhat_3.1.ep6.el5
infinispan-0:5.2.7-2.Final_redhat_2.1.ep6.el5
infinispan-cachestore-jdbc-0:5.2.7-2.Final_redhat_2.1.ep6.el5
infinispan-cachestore-remote-0:5.2.7-2.Final_redhat_2.1.ep6.el5
infinispan-client-hotrod-0:5.2.7-2.Final_redhat_2.1.ep6.el5
infinispan-core-0:5.2.7-2.Final_redhat_2.1.ep6.el5
ironjacamar-common-api-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-common-impl-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-common-spi-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-core-api-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-core-impl-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-deployers-common-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-jdbc-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-spec-api-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
ironjacamar-validator-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el5
jacorb-jboss-0:2.3.2-12.redhat_5.1.ep6.el5
jansi-0:1.9-5.redhat_3.1.ep6.el5
javassist-eap6-0:3.18.1-1.GA_redhat_1.1.ep6.el5
jaxen-0:1.1.3-9.redhat_3.1.ep6.el5
jbosgi-metadata-0:2.2.0-2.Final_redhat_1.1.ep6.el5
jboss-aesh-0:0.33.8-1.redhat_1.1.ep6.el5
jboss-as-appclient-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-cli-0:7.3.0-5.Final_redhat_14.1.ep6.el5
jboss-as-client-all-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jboss-as-clustering-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-cmp-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-configadmin-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-connector-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-console-0:2.0.6-1.Final_redhat_1.1.ep6.el5
jboss-as-controller-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-controller-client-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-core-security-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jboss-as-deployment-repository-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-deployment-scanner-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-domain-http-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-domain-management-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-ee-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-ee-deployment-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-ejb3-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-embedded-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-host-controller-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jacorb-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jaxr-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jaxrs-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jdr-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jmx-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jpa-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jsf-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-jsr77-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-logging-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-mail-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-management-client-content-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-messaging-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-modcluster-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-naming-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-network-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-osgi-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jboss-as-osgi-configadmin-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-osgi-service-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-platform-mbean-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-pojo-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-process-controller-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-protocol-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-remoting-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-sar-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-security-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-server-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-system-jmx-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jboss-as-threads-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-transactions-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-version-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jboss-as-web-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-webservices-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-weld-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-as-xts-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jboss-dmr-0:1.2.0-1.Final_redhat_1.1.ep6.el5
jboss-ejb-client-0:1.0.24-1.Final_redhat_1.1.ep6.el5
jboss-ejb3-ext-api-0:2.1.0-1.redhat_1.1.ep6.el5
jboss-genericjms-0:1.0.1-1.Final_redhat_1.1.ep6.el5
jboss-hal-0:2.0.6-1.Final_redhat_1.1.ep6.el5
jboss-jacc-api_1.4_spec-0:1.0.3-1.Final_redhat_1.1.ep6.el5
jboss-logmanager-0:1.5.1-1.Final_redhat_1.ep6.el5
jboss-marshalling-0:1.4.2-1.Final_redhat_1.1.ep6.el5
jboss-modules-0:1.3.0-2.Final_redhat_2.1.ep6.el5
jboss-remoting3-0:3.2.18-1.GA_redhat_1.1.ep6.el5
jboss-remoting3-jmx-0:1.1.2-1.Final_redhat_1.1.ep6.el5
jboss-security-negotiation-0:2.2.6-2.Final_redhat_1.2.ep6.el5
jboss-security-xacml-0:2.0.8-10.Final_redhat_5.2.ep6.el5
jboss-threads-0:2.1.1-1.Final_redhat_1.ep6.el5
jboss-vfs2-0:3.2.2-1.Final_redhat_1.1.ep6.el5
jboss-weld-1.1-api-0:1.1-8.Final_redhat_4.1.ep6.el5
jbossas-appclient-0:7.3.0-8.Final_redhat_14.1.ep6.el5
jbossas-bundles-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jbossas-core-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jbossas-domain-0:7.3.0-22.Final_redhat_14.1.ep6.el5
jbossas-hornetq-native-0:2.3.8-1.Final_redhat_1.ep6.el5
jbossas-javadocs-0:7.3.0-14.Final_redhat_14.ep6.el5
jbossas-modules-eap-0:7.3.0-21.Final_redhat_14.1.ep6.el5
jbossas-product-eap-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jbossas-standalone-0:7.3.0-7.Final_redhat_14.1.ep6.el5
jbossas-welcome-content-eap-0:7.3.0-6.Final_redhat_14.1.ep6.el5
jbossts-1:4.17.15-4.Final_redhat_4.1.ep6.el5
jbossws-api-0:1.0.2-1.Final_redhat_1.2.ep6.el5
jbossws-common-0:2.2.3-1.Final_redhat_1.1.ep6.el5
jbossws-common-tools-0:1.2.0-2.Final_redhat_2.1.ep6.el5
jbossws-cxf-0:4.2.3-1.Final_redhat_1.1.ep6.el5
jbossws-native-0:4.1.2-1.Final_redhat_1.1.ep6.el5
jbossws-spi-0:2.2.2-1.Final_redhat_1.1.ep6.el5
jcip-annotations-eap6-0:1.0-5.redhat_6.1.ep6.el5
jdom-eap6-0:1.1.2-5.redhat_3.1.ep6.el5
jettison-0:1.3.1-8.redhat_3.1.ep6.el5
jgroups-1:3.2.12-1.Final_redhat_1.1.ep6.el5
juddi-0:3.1.3-4.redhat_3.1.ep6.el5
mod_cluster-0:1.2.6-2.Final_redhat_1.1.ep6.el5
mod_cluster-demo-0:1.2.6-2.Final_redhat_1.1.ep6.el5
mod_cluster-native-0:1.2.6-1.Final.redhat_1.ep6.el5
mod_cluster-native-debuginfo-0:1.2.6-1.Final.redhat_1.ep6.el5
mod_jk-ap22-0:1.2.37-4.redhat_3.ep6.el5
mod_jk-debuginfo-0:1.2.37-4.redhat_3.ep6.el5
objectweb-asm-eap6-0:3.3.1-6.3.redhat_5.ep6.el5
opensaml-0:2.5.3-3.redhat_2.1.ep6.el5
openws-0:1.4.4-2.redhat_2.1.ep6.el5
org.apache.felix.configadmin-0:1.2.8-7.redhat_4.2.ep6.el5
org.apache.felix.log-0:1.0.0-6.redhat_3.1.ep6.el5
org.osgi.core-eap6-0:4.2.0-11.10.redhat_4.ep6.el5
org.osgi.enterprise-eap6-0:4.2.0-11.10.redhat_4.ep6.el5
picketbox-0:4.0.19-1.SP2_redhat_1.1.ep6.el5
picketlink-federation-0:2.1.9-3.SP2_redhat_1.1.ep6.el5
resteasy-0:2.3.7-2.Final_redhat_2.ep6.el5
scannotation-0:1.0.3-2.redhat_4.ep6.el5
shrinkwrap-api-0:1.1.2-3.redhat_1.1.ep6.el5
shrinkwrap-impl-base-0:1.1.2-3.redhat_1.1.ep6.el5
shrinkwrap-parent-0:1.1.2-3.redhat_1.1.ep6.el5
shrinkwrap-spi-0:1.1.2-3.redhat_1.1.ep6.el5
slf4j-0:1.7.2-11.redhat_2.1.ep6.el5
slf4j-eap6-0:1.7.2-11.redhat_2.1.ep6.el5
stilts-0:0.1.26-10.redhat_3.1.ep6.el5
sun-ws-metadata-2.0-api-0:1.0.MR1-16_MR1_redhat_6.1.ep6.el5
velocity-eap6-0:1.7-4.redhat_3.1.ep6.el5
weld-cdi-1.0-api-0:1.0-9.SP4.redhat_3.1.ep6.el5
weld-core-0:1.1.16-3.Final_redhat_1.1.ep6.el5
ws-commons-XmlSchema-0:2.0.2-8.redhat_3.1.ep6.el5
ws-commons-neethi-0:3.0.2-6.redhat_3.1.ep6.el5
ws-scout-0:1.2.6-4.redhat_3.1.ep6.el5
wsdl4j-eap6-0:1.6.2-14.redhat_6.1.ep6.el5
wss4j-0:1.6.12-1.redhat_1.1.ep6.el5
xerces-j2-eap6-0:2.9.1-16.redhat_5.1.ep6.el5
xjc-utils-0:2.6.1-4.redhat_2.1.ep6.el5
xml-commons-resolver-eap6-0:1.2-16.redhat_9.1.ep6.el5
xml-security-0:1.5.5-2.redhat_2.1.ep6.el5
xmltooling-0:1.3.4-3.redhat_1.1.ep6.el5
xom-0:1.2.7-2.redhat_4.1.ep6.el5
antlr-eap6-0:2.7.7-17.redhat_4.1.ep6.el6
apache-commons-beanutils-0:1.8.3-13.redhat_6.1.ep6.el6
apache-commons-cli-0:1.2-8.redhat_3.1.ep6.el6
apache-commons-configuration-0:1.6-8.redhat_3.1.ep6.el6
apache-commons-daemon-eap6-1:1.0.15-5.redhat_1.ep6.el6
apache-commons-pool-eap6-0:1.6-7.redhat_6.1.ep6.el6
apache-cxf-0:2.7.7-1.redhat_1.1.ep6.el6
apache-cxf-xjc-utils-0:2.6.1-4.redhat_2.1.ep6.el6
apache-mime4j-0:0.6-8.redhat_3.1.ep6.el6
atinject-eap6-0:1-5.redhat_4.1.ep6.el6
cxf-xjc-boolean-0:2.6.1-4.redhat_2.1.ep6.el6
cxf-xjc-dv-0:2.6.1-4.redhat_2.1.ep6.el6
cxf-xjc-ts-0:2.6.1-4.redhat_2.1.ep6.el6
dom4j-eap6-0:1.6.1-20.redhat_6.1.ep6.el6
glassfish-jaxb-eap6-0:2.2.5-17.redhat_7.2.ep6.el6
glassfish-jsf-eap6-0:2.1.19-2.3.redhat_2.ep6.el6
glassfish-jsf12-eap6-0:1.2_15-5.b01_redhat_8.1.ep6.el6
gnu-getopt-0:1.0.13-3.redhat_4.1.ep6.el6
hibernate4-core-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el6
hibernate4-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el6
hibernate4-entitymanager-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el6
hibernate4-envers-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el6
hibernate4-infinispan-eap6-0:4.2.7-3.3.SP1_redhat_3.ep6.el6
hornetq-0:2.3.12-1.Final_redhat_1.1.ep6.el6
hornetq-native-0:2.3.8-1.Final_redhat_1.ep6.el6
hornetq-native-debuginfo-0:2.3.8-1.Final_redhat_1.ep6.el6
httpserver-0:1.0.1-4.Final_redhat_3.1.ep6.el6
infinispan-0:5.2.7-2.Final_redhat_2.1.ep6.el6
infinispan-cachestore-jdbc-0:5.2.7-2.Final_redhat_2.1.ep6.el6
infinispan-cachestore-remote-0:5.2.7-2.Final_redhat_2.1.ep6.el6
infinispan-client-hotrod-0:5.2.7-2.Final_redhat_2.1.ep6.el6
infinispan-core-0:5.2.7-2.Final_redhat_2.1.ep6.el6
ironjacamar-common-api-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-common-impl-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-common-spi-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-core-api-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-core-impl-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-deployers-common-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-jdbc-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-spec-api-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
ironjacamar-validator-eap6-0:1.0.23-1.3.Final_redhat_1.ep6.el6
jacorb-jboss-0:2.3.2-12.redhat_5.1.ep6.el6
jansi-0:1.9-5.redhat_3.1.ep6.el6
javassist-eap6-0:3.18.1-1.GA_redhat_1.1.ep6.el6
jaxen-0:1.1.3-9.redhat_3.1.ep6.el6
jbosgi-metadata-0:2.2.0-2.Final_redhat_1.1.ep6.el6
jboss-aesh-0:0.33.8-1.redhat_1.1.ep6.el6
jboss-as-appclient-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-cli-0:7.3.0-5.Final_redhat_14.1.ep6.el6
jboss-as-client-all-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jboss-as-clustering-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-cmp-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-configadmin-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-connector-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-console-0:2.0.6-1.Final_redhat_1.1.ep6.el6
jboss-as-controller-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-controller-client-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-core-security-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jboss-as-deployment-repository-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-deployment-scanner-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-domain-http-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-domain-management-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-ee-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-ee-deployment-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-ejb3-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-embedded-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-host-controller-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jacorb-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jaxr-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jaxrs-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jdr-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jmx-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jpa-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jsf-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-jsr77-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-logging-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-mail-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-management-client-content-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-messaging-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-modcluster-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-naming-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-network-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-osgi-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jboss-as-osgi-configadmin-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-osgi-service-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-platform-mbean-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-pojo-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-process-controller-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-protocol-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-remoting-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-sar-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-security-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-server-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-system-jmx-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jboss-as-threads-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-transactions-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-version-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jboss-as-web-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-webservices-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-weld-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-as-xts-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jboss-dmr-0:1.2.0-1.Final_redhat_1.1.ep6.el6
jboss-ejb-client-0:1.0.24-1.Final_redhat_1.1.ep6.el6
jboss-ejb3-ext-api-0:2.1.0-1.redhat_1.1.ep6.el6
jboss-genericjms-0:1.0.1-1.Final_redhat_1.1.ep6.el6
jboss-hal-0:2.0.6-1.Final_redhat_1.1.ep6.el6
jboss-jacc-api_1.4_spec-0:1.0.3-1.Final_redhat_1.1.ep6.el6
jboss-logmanager-0:1.5.1-1.Final_redhat_1.ep6.el6
jboss-marshalling-0:1.4.2-1.Final_redhat_1.1.ep6.el6
jboss-modules-0:1.3.0-2.Final_redhat_2.1.ep6.el6
jboss-remoting3-0:3.2.18-1.GA_redhat_1.1.ep6.el6
jboss-remoting3-jmx-0:1.1.2-1.Final_redhat_1.1.ep6.el6
jboss-security-negotiation-0:2.2.6-2.Final_redhat_1.2.ep6.el6
jboss-security-xacml-0:2.0.8-10.Final_redhat_5.2.ep6.el6
jboss-threads-0:2.1.1-1.Final_redhat_1.ep6.el6
jboss-vfs2-0:3.2.2-1.Final_redhat_1.1.ep6.el6
jboss-weld-1.1-api-0:1.1-8.Final_redhat_4.1.ep6.el6
jbossas-appclient-0:7.3.0-8.Final_redhat_14.1.ep6.el6
jbossas-bundles-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jbossas-core-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jbossas-domain-0:7.3.0-22.Final_redhat_14.1.ep6.el6
jbossas-hornetq-native-0:2.3.8-1.Final_redhat_1.ep6.el6
jbossas-javadocs-0:7.3.0-14.Final_redhat_14.ep6.el6
jbossas-modules-eap-0:7.3.0-21.Final_redhat_14.1.ep6.el6
jbossas-product-eap-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jbossas-standalone-0:7.3.0-7.Final_redhat_14.1.ep6.el6
jbossas-welcome-content-eap-0:7.3.0-6.Final_redhat_14.1.ep6.el6
jbossts-1:4.17.15-4.Final_redhat_4.1.ep6.el6
jbossws-api-0:1.0.2-1.Final_redhat_1.2.ep6.el6
jbossws-common-0:2.2.3-1.Final_redhat_1.1.ep6.el6
jbossws-common-tools-0:1.2.0-2.Final_redhat_2.1.ep6.el6
jbossws-cxf-0:4.2.3-1.Final_redhat_1.1.ep6.el6
jbossws-native-0:4.1.2-1.Final_redhat_1.1.ep6.el6
jbossws-spi-0:2.2.2-1.Final_redhat_1.1.ep6.el6
jcip-annotations-eap6-0:1.0-5.redhat_6.1.ep6.el6
jdom-eap6-0:1.1.2-5.redhat_3.1.ep6.el6
jettison-0:1.3.1-8.redhat_3.1.ep6.el6
jgroups-1:3.2.12-1.Final_redhat_1.1.ep6.el6
juddi-0:3.1.3-4.redhat_3.1.ep6.el6
mod_cluster-0:1.2.6-2.Final_redhat_1.1.ep6.el6
mod_cluster-demo-0:1.2.6-2.Final_redhat_1.1.ep6.el6
mod_cluster-native-0:1.2.6-1.Final.redhat_1.ep6.el6
mod_cluster-native-debuginfo-0:1.2.6-1.Final.redhat_1.ep6.el6
mod_jk-ap22-0:1.2.37-4.redhat_3.ep6.el6
mod_jk-debuginfo-0:1.2.37-4.redhat_3.ep6.el6
objectweb-asm-eap6-0:3.3.1-6.3.redhat_5.ep6.el6
opensaml-0:2.5.3-3.redhat_2.1.ep6.el6
openws-0:1.4.4-2.redhat_2.1.ep6.el6
org.apache.felix.configadmin-0:1.2.8-7.redhat_4.2.ep6.el6
org.apache.felix.log-0:1.0.0-6.redhat_3.1.ep6.el6
org.osgi.core-eap6-0:4.2.0-11.10.redhat_4.ep6.el6
org.osgi.enterprise-eap6-0:4.2.0-11.10.redhat_4.ep6.el6
picketbox-0:4.0.19-1.SP2_redhat_1.1.ep6.el6
picketlink-federation-0:2.1.9-3.SP2_redhat_1.1.ep6.el6
resteasy-0:2.3.7-2.Final_redhat_2.ep6.el6
scannotation-0:1.0.3-2.redhat_4.ep6.el6
shrinkwrap-api-0:1.1.2-3.redhat_1.1.ep6.el6
shrinkwrap-impl-base-0:1.1.2-3.redhat_1.1.ep6.el6
shrinkwrap-parent-0:1.1.2-3.redhat_1.1.ep6.el6
shrinkwrap-spi-0:1.1.2-3.redhat_1.1.ep6.el6
slf4j-eap6-0:1.7.2-11.redhat_2.1.ep6.el6
stilts-0:0.1.26-10.redhat_3.1.ep6.el6
sun-ws-metadata-2.0-api-0:1.0.MR1-16_MR1_redhat_6.1.ep6.el6
velocity-eap6-0:1.7-4.redhat_3.1.ep6.el6
weld-cdi-1.0-api-0:1.0-9.SP4.redhat_3.1.ep6.el6
weld-core-0:1.1.16-3.Final_redhat_1.1.ep6.el6
ws-commons-XmlSchema-0:2.0.2-8.redhat_3.1.ep6.el6
ws-commons-neethi-0:3.0.2-6.redhat_3.1.ep6.el6
ws-scout-0:1.2.6-4.redhat_3.1.ep6.el6
wsdl4j-eap6-0:1.6.2-14.redhat_6.1.ep6.el6
wss4j-0:1.6.12-1.redhat_1.1.ep6.el6
xerces-j2-eap6-0:2.9.1-16.redhat_5.1.ep6.el6
xjc-utils-0:2.6.1-4.redhat_2.1.ep6.el6
xml-commons-resolver-eap6-0:1.2-16.redhat_9.1.ep6.el6
xml-security-0:1.5.5-2.redhat_2.1.ep6.el6
xmltooling-0:1.3.4-3.redhat_1.1.ep6.el6
xom-0:1.2.7-2.redhat_4.1.ep6.el6
activemq-0:5.9.0-4.redhat.610328.el6op
activemq-client-0:5.9.0-4.redhat.610328.el6op
activemq-0:5.9.0-4.redhat.610328.el6op
activemq-client-0:5.9.0-4.redhat.610328.el6op

refmap via4

confirm	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2035 https://github.com/fusesource/hawtjni/commit/92c266170ce98edc200c656bd034a237098b8aa5 https://github.com/jline/jline2/issues/85 https://github.com/jruby/jruby/issues/732
osvdb	93411
sectrack	1029431
secunia	53415 54108 57915

Last major update

18-01-2015 - 02:59

Published

28-08-2013 - 23:55

Last modified

18-01-2015 - 02:59