1. CVE-Search
  2. CVE-2012-2672
ID CVE-2012-2672
Summary Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext reference during startup, which allows local users to obtain context information an access resources from another WAR file by calling the FacesContext.getCurrentInstance function.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:mojarra:2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mojarra:2.1.7:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • rhsa
    id RHSA-2012:1591
  • rhsa
    id RHSA-2012:1592
  • rhsa
    id RHSA-2012:1594
rpms
  • antlr-eap6-0:2.7.7-15_redhat_2.ep6.el5
  • apache-commons-beanutils-0:1.8.3-10.redhat_2.ep6.el5
  • apache-commons-cli-0:1.2-7.5.redhat_2.ep6.el5.4
  • apache-commons-codec-eap6-0:1.4-14.redhat_2.ep6.el5.1
  • apache-commons-collections-0:3.2.1-10.redhat_2.ep6.el5
  • apache-commons-collections-eap6-0:3.2.1-13.redhat_2.ep6.el5.1
  • apache-commons-configuration-0:1.6-7.2.redhat_2.ep6.el5.5
  • apache-commons-daemon-jsvc-eap6-1:1.0.10-3.ep6.el5
  • apache-commons-daemon-jsvc-eap6-debuginfo-1:1.0.10-3.ep6.el5
  • apache-commons-io-eap6-0:2.1-6.redhat_2.ep6.el5.1
  • apache-commons-lang-0:2.6-3.redhat_2.ep6.el5
  • apache-commons-lang-eap6-0:2.6-5redhat_2.ep6.el5.1
  • apache-commons-pool-eap6-0:1.5.6-8.redhat_2.ep6.el5.1
  • apache-cxf-0:2.4.9-4.redhat_2.ep6.el5
  • apache-cxf-xjc-utils-0:2.4.0-11.redhat_2.ep6.el5.4
  • apache-mime4j-0:0.6-7.redhat_2.ep6.el5.5
  • atinject-0:1-8.2_redhat_2.ep6.el5.5
  • cal10n-0:0.7.3-8.redhat_2.ep6.el5.5
  • codehaus-jackson-0:1.9.2-6_redhat_2.ep6.el5.5
  • codehaus-jackson-core-asl-0:1.9.2-6_redhat_2.ep6.el5.5
  • codehaus-jackson-jaxrs-0:1.9.2-6_redhat_2.ep6.el5.5
  • codehaus-jackson-mapper-asl-0:1.9.2-6_redhat_2.ep6.el5.5
  • codehaus-jackson-xc-0:1.9.2-6_redhat_2.ep6.el5.5
  • cxf-xjc-boolean-0:2.4.0-11.redhat_2.ep6.el5.4
  • cxf-xjc-dv-0:2.4.0-11.redhat_2.ep6.el5.4
  • cxf-xjc-ts-0:2.4.0-11.redhat_2.ep6.el5.4
  • dom4j-0:1.6.1-14_redhat_3.ep6.el5
  • glassfish-jaf-0:1.1.1-16.redhat_2.ep6.el5
  • glassfish-javamail-0:1.4.4-16.redhat_2.ep6.el5
  • glassfish-jaxb-0:2.2.5-10_redhat_3.ep6.el5
  • glassfish-jsf-0:2.1.13-1_redhat_1.ep6.el5
  • glassfish-jsf12-0:1.2_15-9_b01_redhat_2.ep6.el5
  • gnu-getopt-0:1.0.13-1.2_redhat_2.ep6.el5.5
  • guava-0:11.0.2-0.5.redhat_2.ep6.el5.6
  • h2database-0:1.3.168-2_redhat_1.ep6.el5
  • hibernate-beanvalidation-api-0:1.0.0-4.7.GA_redhat_2.ep6.el5.3
  • hibernate-jpa-2.0-api-0:1.0.1-5.Final_redhat_2.1.ep6.el5.4
  • hibernate3-commons-annotations-0:4.0.1-5.Final_redhat_2.1.ep6.el5.3
  • hibernate4-0:4.1.6-3.5.Final_redhat_2.ep6.el5
  • hibernate4-core-0:4.1.6-3.5.Final_redhat_2.ep6.el5
  • hibernate4-entitymanager-0:4.1.6-3.5.Final_redhat_2.ep6.el5
  • hibernate4-envers-0:4.1.6-3.5.Final_redhat_2.ep6.el5
  • hibernate4-infinispan-0:4.1.6-3.5.Final_redhat_2.ep6.el5
  • hibernate4-validator-0:4.2.0-7.Final_redhat_2.1.ep6.el5.4
  • hornetq-0:2.2.23-1.Final_redhat_1.ep6.el5
  • hornetq-native-0:2.2.21-1.1.Final.ep6.el5
  • hornetq-native-debuginfo-0:2.2.21-1.1.Final.ep6.el5
  • httpcomponents-httpclient-0:4.1.3-4_redhat_2.ep6.el5
  • httpcomponents-httpcore-0:4.1.4-4_redhat_2.ep6.el5
  • httpd-0:2.2.22-14.ep6.el5
  • httpd-debuginfo-0:2.2.22-14.ep6.el5
  • httpd-devel-0:2.2.22-14.ep6.el5
  • httpd-tools-0:2.2.22-14.ep6.el5
  • httpserver-0:1.0.1-3.Final_redhat_2.ep6.el5.3
  • infinispan-0:5.1.8-1.Final_redhat_1.ep6.el5
  • infinispan-cachestore-jdbc-0:5.1.8-1.Final_redhat_1.ep6.el5
  • infinispan-cachestore-remote-0:5.1.8-1.Final_redhat_1.ep6.el5
  • infinispan-client-hotrod-0:5.1.8-1.Final_redhat_1.ep6.el5
  • infinispan-core-0:5.1.8-1.Final_redhat_1.ep6.el5
  • ironjacamar-0:1.0.13-1.Final_redhat_1.ep6.el5
  • jacorb-jboss-0:2.3.2-3.redhat_2.ep6.el5.3
  • jandex-0:1.0.3-7.Final_redhat_2.ep6.el5.2
  • javassist-0:3.15.0-5.GA_redhat_2.ep6.el5.3
  • javassist-eap6-0:3.15.0-5.GA_redhat_2.ep6.el5.3
  • jaxbintros-0:1.0.2-11.GA_redhat_2.ep6.el5.3
  • jaxen-0:1.1.3-8.redhat_2.ep6.el5.4
  • jaxws-jboss-httpserver-httpspi-0:1.0.1-3.GA_redhat_2.ep6.el5.3
  • jbosgi-deployment-0:1.1.0-2.Final_redhat_3.ep6.el5.3
  • jbosgi-framework-core-0:1.3.1-3.CR1_redhat_1.ep6.el5
  • jbosgi-metadata-0:2.1.0-2.Final_redhat_3.ep6.el5.3
  • jbosgi-repository-0:1.2.0-2.Final_redhat_2.ep6.el5.2
  • jbosgi-resolver-0:2.1.0-2.Final_redhat_3.ep6.el5.3
  • jbosgi-spi-0:3.1.0-3.Final_redhat_3.ep6.el5
  • jbosgi-vfs-0:1.1.0-2.Final_redhat_2.ep6.el5.2
  • jboss-annotations-api_1.1_spec-0:1.0.1-3.2.Final_redhat_2.ep6.el5
  • jboss-as-appclient-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-cli-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-client-all-0:7.1.3-4.1.Final_redhat_4.ep6.el5
  • jboss-as-clustering-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-cmp-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-configadmin-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-connector-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-console-0:1.4.2-1.Final_redhat_1.ep6.el5
  • jboss-as-controller-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-controller-client-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-deployment-repository-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-deployment-scanner-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-domain-http-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-domain-management-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-ee-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-ee-deployment-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-ejb3-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-embedded-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-host-controller-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jacorb-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jaxr-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jaxrs-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jdr-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jmx-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jpa-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jsf-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-jsr77-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-logging-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-mail-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-management-client-content-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-messaging-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-modcluster-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-naming-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-network-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-osgi-configadmin-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-osgi-service-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-platform-mbean-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-pojo-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-process-controller-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-protocol-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-remoting-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-sar-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-security-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-server-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-threads-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-transactions-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-web-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-webservices-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-weld-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-as-xts-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jboss-classfilewriter-0:1.0.3-2.Final_redhat_1.ep6.el5
  • jboss-common-beans-0:1.0.0-5.Final_redhat_2.ep6.el5
  • jboss-common-core-1:2.2.17-10.GA_redhat_2.ep6.el5
  • jboss-connector-api_1.6_spec-0:1.0.1-3.3.Final_redhat_2.ep6.el5
  • jboss-dmr-0:1.1.1-8.Final_redhat_2.ep6.el5
  • jboss-ejb-api_3.1_spec-0:1.0.2-10.Final_redhat_2.ep6.el5
  • jboss-ejb-client-0:1.0.11-2.Final_redhat_1.ep6.el5
  • jboss-ejb3-ext-api-0:2.0.0-9.redhat_2.ep6.el5
  • jboss-el-api_2.2_spec-0:1.0.2-2.Final_redhat_1.ep6.el5
  • jboss-iiop-client-0:1.0.0-4.Final_redhat_2.1.ep6.el5
  • jboss-interceptors-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el5
  • jboss-invocation-0:1.1.1-5.Final_redhat_2.ep6.el5.4
  • jboss-j2eemgmt-api_1.1_spec-0:1.0.1-5.Final_redhat_2.ep6.el5
  • jboss-jacc-api_1.4_spec-0:1.0.2-5.Final_redhat_2.ep6.el5
  • jboss-jad-api_1.2_spec-0:1.0.1-6.Final_redhat_2.ep6.el5
  • jboss-jaspi-api_1.0_spec-0:1.0.1-6.Final_redhat_2.ep6.el5
  • jboss-jaxb-api_2.2_spec-0:1.0.4-3.Final_redhat_2.1.ep6.el5.1
  • jboss-jaxr-api_1.0_spec-0:1.0.2-4.Final_redhat_2.ep6.el5
  • jboss-jaxrpc-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el5
  • jboss-jaxrs-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el5
  • jboss-jaxws-api_2.2_spec-0:2.0.1-5.Final_redhat_2.ep6.el5
  • jboss-jms-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el5
  • jboss-jsf-api_2.1_spec-0:2.0.7-1.Final_redhat_1.ep6.el5
  • jboss-jsp-api_2.2_spec-0:1.0.1-5.Final_redhat_2.ep6.el5
  • jboss-jstl-api_1.2_spec-0:1.0.3-3.Final_redhat_2.ep6.el5
  • jboss-logging-0:3.1.2-3.GA_redhat_1.ep6.el5
  • jboss-logmanager-0:1.3.2-2.Final_redhat_1.ep6.el5
  • jboss-marshalling-0:1.3.15-2.GA_redhat_1.ep6.el5
  • jboss-metadata-0:7.0.4-2.Final_redhat_1.ep6.el5
  • jboss-metadata-appclient-0:7.0.4-2.Final_redhat_1.ep6.el5
  • jboss-metadata-common-0:7.0.4-2.Final_redhat_1.ep6.el5
  • jboss-metadata-ear-0:7.0.4-2.Final_redhat_1.ep6.el5
  • jboss-metadata-ejb-0:7.0.4-2.Final_redhat_1.ep6.el5
  • jboss-metadata-web-0:7.0.4-2.Final_redhat_1.ep6.el5
  • jboss-modules-0:1.1.3-2.GA_redhat_1.ep6.el5.1
  • jboss-msc-0:1.0.2-3.GA_redhat_2.2.ep6.el5
  • jboss-osgi-logging-0:1.0.0-5._redhat_2.1.ep6.el5.2
  • jboss-remote-naming-0:1.0.4-2.Final_redhat_1.ep6.el5.1
  • jboss-remoting3-0:3.2.14-1.GA_redhat_1.ep6.el5
  • jboss-remoting3-jmx-0:1.0.4-2.Final_redhat_1.ep6.el5.7
  • jboss-rmi-api_1.0_spec-0:1.0.4-9.2.Final_redhat_2.ep6.el5
  • jboss-saaj-api_1.3_spec-0:1.0.2-4_redhat_2.ep6.el5
  • jboss-sasl-0:1.0.3-2.Final_redhat_1.ep6.el5
  • jboss-seam-int-0:6.0.0-8.GA_redhat_2.ep6.el5
  • jboss-security-negotiation-0:2.2.1-2.Final_redhat_1.ep6.el5
  • jboss-security-xacml-0:2.0.8-5.Final_redhat_2.ep6.el5
  • jboss-servlet-api_2.5_spec-0:1.0.1-9.Final_redhat_2.ep6.el5
  • jboss-servlet-api_3.0_spec-0:1.0.1-11.Final_redhat_2.ep6.el5
  • jboss-specs-parent-0:1.0.0-5.Beta2_redhat_2.ep6.el5
  • jboss-stdio-0:1.0.1-7.GA_redhat_2.ep6.el5
  • jboss-threads-0:2.0.0-7.GA_redhat_2.ep6.el5
  • jboss-transaction-api_1.1_spec-0:1.0.1-5.Final_redhat_2.ep6.el5
  • jboss-transaction-spi-0:7.0.0-0.10.Final_redhat_2.ep6.el5
  • jboss-vfs2-0:3.1.0-4.Final_redhat_2.ep6.el5
  • jboss-weld-1.1-api-0:1.1-6.Final_redhat_2.ep6.el5.1
  • jboss-xnio-base-0:3.0.7-1.GA_redhat_1.ep6.el5
  • jbossas-appclient-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-bundles-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-core-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-domain-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-hornetq-native-0:2.2.21-1.1.Final.ep6.el5
  • jbossas-javadocs-0:7.1.3-4.Final_redhat_3.ep6.el5
  • jbossas-jbossweb-native-0:1.1.24-1.1.ep6.el5
  • jbossas-modules-eap-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-product-eap-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-standalone-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossas-welcome-content-eap-0:7.1.3-4.Final_redhat_4.ep6.el5
  • jbossts-1:4.16.6-1.Final_redhat_1.ep6.el5
  • jbossweb-0:7.0.17-1.Final_redhat_1.ep6.el5
  • jbossweb-lib-0:7.0.17-1.Final_redhat_1.ep6.el5
  • jbossws-api-0:1.0.0-3.GA_redhat_2.ep6.el5.3
  • jbossws-common-0:2.0.4-5.GA_redhat_3.ep6.el5.5
  • jbossws-common-tools-0:1.0.2-1.GA_redhat_1.ep6.el5
  • jbossws-cxf-0:4.0.6-2.GA_redhat_2.ep6.el5
  • jbossws-native-0:4.0.6-1.GA_redhat_1.ep6.el5
  • jbossws-spi-0:2.0.4-3.1.GA_redhat_1.ep6.el5
  • jbossxb2-0:2.0.3-13.GA_redhat_2.ep6.el5.3
  • jcip-annotations-0:1.0-2.2.3_redhat_2.ep6.el5.5
  • jdom-eap6-0:1.1.2-4.GA_redhat_2.ep6.el5
  • jettison-0:1.3.1-7_redhat_2.ep6.el5
  • jgroups-1:3.0.14-2.Final_redhat_1.ep6.el5
  • jline-eap6-0:0.9.94-10.GA_redhat_2.ep6.el5.4
  • joda-time-0:1.6.2-5.redhat_3.ep6.el5.4
  • jtype-0:0.1.1-9_redhat_2.3.ep6.el5.4
  • juddi-0:3.1.3-3_redhat_2.1.ep6.el5.3
  • jul-to-slf4j-stub-0:1.0.0-4.Final_redhat_2.1.ep6.el5.2
  • jython-eap6-0:2.5.2-5.redhat_2.ep6.el5.4
  • log4j-eap6-0:1.2.16-11.redhat_2.ep6.el5.4
  • log4j-jboss-logmanager-0:1.0.1-3.Final_redhat_2.ep6.el5
  • mod_cluster-0:1.2.3-1.Final_redhat_1.ep6.el5
  • mod_cluster-demo-0:1.2.3-1.Final_redhat_1.ep6.el5
  • mod_cluster-native-0:1.2.3-3.Final.ep6.el5
  • mod_cluster-native-debuginfo-0:1.2.3-3.Final.ep6.el5
  • mod_jk-ap22-0:1.2.36-5.1.ep6.el5
  • mod_jk-debuginfo-0:1.2.36-5.1.ep6.el5
  • mod_ssl-1:2.2.22-14.ep6.el5
  • netty-0:3.2.6-2_redhat_2.2.ep6.el5.4
  • objectweb-asm-eap6-0:3.3.1-5_redhat_2.ep6.el5.3
  • org.apache.felix.configadmin-0:1.2.8-4_redhat_2.ep6.el5
  • org.apache.felix.log-0:1.0.0-5.redhat_2.ep6.el5
  • org.osgi.core-0:4.2.0-4.redhat_2.ep6.el5.3
  • org.osgi.enterprise-0:4.2.0-4.redhat_2.ep6.el5.3
  • picketbox-0:4.0.14-2.Final_redhat_2.ep6.el5
  • picketbox-commons-0:1.0.0-0.8.final_redhat_2.ep6.el5.3
  • picketlink-federation-0:2.1.3.1-3.redhat_1.ep6.el5
  • relaxngDatatype-0:2011.1-0.1_redhat_3.ep6.el5.4
  • resteasy-0:2.3.4-4.Final_redhat_2.ep6.el5.3
  • rngom-0:201103-0.5.redhat_2.ep6.el5.4
  • scannotation-0:1.0.2-8.redhat_2.ep6.el5.2
  • shrinkwrap-0:1.0.0-16.redhat_2.ep6.el5
  • slf4j-0:1.6.1-23.redhat_2.ep6.el5
  • slf4j-eap6-0:1.6.1-23.redhat_2.ep6.el5
  • slf4j-jboss-logmanager-0:1.0.0-7.GA_redhat_2.3.ep6.el5.2
  • snakeyaml-0:1.8-8.redhat_2.ep6.el5.2
  • staxmapper-0:1.1.0-6.Final_redhat_2.ep6.el5.2
  • stilts-0:0.1.26-6.GA.redhat_2.ep6.el5.4
  • sun-codemodel-0:2.6-3_redhat_2.ep6.el5.3
  • sun-istack-commons-1:2.6.1-9_redhat_2.ep6.el5
  • sun-saaj-1.3-impl-0:1.3.16-9.redhat_2.ep6.el5.3
  • sun-txw2-0:20110809-6_redhat_2.ep6.el5.4
  • sun-ws-metadata-2.0-api-0:1.0.MR1-12_MR1_redhat_2.ep6.el5.4
  • sun-xsom-0:20110809-5_redhat_3.ep6.el5.3
  • tomcat-native-0:1.1.24-1.1.ep6.el5
  • tomcat-native-debuginfo-0:1.1.24-1.1.ep6.el5
  • velocity-eap6-0:1.6.3-7.redhat_2.ep6.el5.4
  • weld-cdi-1.0-api-0:1.0-6.SP4_redhat_2.ep6.el5.5
  • weld-core-0:1.1.10-2.Final_redhat_1.ep6.el5.1
  • woodstox-core-0:4.1.1-1.redhat_2.ep6.el5.4
  • woodstox-stax2-api-0:3.1.1-1.redhat_2.ep6.el5.4
  • ws-commons-XmlSchema-0:2.0.2-7.redhat_2.ep6.el5
  • ws-commons-neethi-0:3.0.2-5.redhat_2.ep6.el5
  • ws-scout-0:1.2.6-3.redhat_2.2.ep6.el5.5
  • wsdl4j-eap6-0:1.6.2-11.redhat_2.ep6.el5
  • wss4j-0:1.6.7-1.redhat_1.ep6.el5
  • xalan-j2-eap6-0:2.7.1-6.12.redhat_3.ep6.el5.2
  • xerces-j2-eap6-0:2.9.1-13_redhat_3.ep6.el5
  • xml-commons-resolver-eap6-0:1.2-10.redhat_2.ep6.el5.3
  • xml-security-0:1.5.2-2.redhat_1.ep6.el5
  • xom-0:1.2.7-1._redhat_3.1.ep6.el5.6
  • antlr-eap6-0:2.7.7-15_redhat_2.ep6.el6
  • apache-commons-beanutils-0:1.8.3-10.redhat_2.ep6.el6
  • apache-commons-cli-0:1.2-7.5.redhat_2.ep6.el6.4
  • apache-commons-codec-eap6-0:1.4-14.redhat_2.ep6.el6.1
  • apache-commons-collections-eap6-0:3.2.1-13.redhat_2.ep6.el6.1
  • apache-commons-configuration-0:1.6-7.2.redhat_2.ep6.el6.5
  • apache-commons-daemon-jsvc-eap6-1:1.0.10-3.ep6.el6
  • apache-commons-daemon-jsvc-eap6-debuginfo-1:1.0.10-3.ep6.el6
  • apache-commons-io-eap6-0:2.1-6.redhat_2.ep6.el6.1
  • apache-commons-lang-eap6-0:2.6-5redhat_2.ep6.el6.1
  • apache-commons-pool-eap6-0:1.5.6-8.redhat_2.ep6.el6.1
  • apache-cxf-0:2.4.9-4.redhat_2.ep6.el6
  • apache-cxf-xjc-utils-0:2.4.0-11.redhat_2.ep6.el6.4
  • apache-mime4j-0:0.6-7.redhat_2.ep6.el6.5
  • atinject-0:1-8.2_redhat_2.ep6.el6.5
  • cal10n-0:0.7.3-8.redhat_2.ep6.el6.5
  • codehaus-jackson-0:1.9.2-6_redhat_2.ep6.el6.5
  • codehaus-jackson-core-asl-0:1.9.2-6_redhat_2.ep6.el6.5
  • codehaus-jackson-jaxrs-0:1.9.2-6_redhat_2.ep6.el6.5
  • codehaus-jackson-mapper-asl-0:1.9.2-6_redhat_2.ep6.el6.5
  • codehaus-jackson-xc-0:1.9.2-6_redhat_2.ep6.el6.5
  • cxf-xjc-boolean-0:2.4.0-11.redhat_2.ep6.el6.4
  • cxf-xjc-dv-0:2.4.0-11.redhat_2.ep6.el6.4
  • cxf-xjc-ts-0:2.4.0-11.redhat_2.ep6.el6.4
  • dom4j-0:1.6.1-14_redhat_3.ep6.el6
  • glassfish-jaf-0:1.1.1-14.redhat_2.ep6.el6.3
  • glassfish-javamail-0:1.4.4-16.redhat_2.ep6.el6
  • glassfish-jaxb-0:2.2.5-10_redhat_3.ep6.el6
  • glassfish-jsf-0:2.1.13-1_redhat_1.ep6.el6
  • glassfish-jsf12-0:1.2_15-8_b01_redhat_2.ep6.el6.4
  • gnu-getopt-0:1.0.13-1.2_redhat_2.ep6.el6.5
  • guava-0:11.0.2-0.5.redhat_2.ep6.el6.6
  • h2database-0:1.3.168-2_redhat_1.ep6.el6
  • hibernate-beanvalidation-api-0:1.0.0-4.7.GA_redhat_2.ep6.el6.3
  • hibernate-jpa-2.0-api-0:1.0.1-5.Final_redhat_2.1.ep6.el6.4
  • hibernate3-commons-annotations-0:4.0.1-5.Final_redhat_2.1.ep6.el6.3
  • hibernate4-0:4.1.6-7.Final_redhat_3.ep6.el6
  • hibernate4-core-0:4.1.6-7.Final_redhat_3.ep6.el6
  • hibernate4-entitymanager-0:4.1.6-7.Final_redhat_3.ep6.el6
  • hibernate4-envers-0:4.1.6-7.Final_redhat_3.ep6.el6
  • hibernate4-infinispan-0:4.1.6-7.Final_redhat_3.ep6.el6
  • hibernate4-validator-0:4.2.0-7.Final_redhat_2.1.ep6.el6.4
  • hornetq-0:2.2.23-1.Final_redhat_1.ep6.el6
  • hornetq-native-0:2.2.21-1.Final.ep6.el6
  • hornetq-native-debuginfo-0:2.2.21-1.Final.ep6.el6
  • httpcomponents-httpclient-0:4.1.3-4_redhat_2.ep6.el6
  • httpcomponents-httpcore-0:4.1.4-4_redhat_2.ep6.el6
  • httpd-0:2.2.22-14.ep6.el6
  • httpd-debuginfo-0:2.2.22-14.ep6.el6
  • httpd-devel-0:2.2.22-14.ep6.el6
  • httpd-tools-0:2.2.22-14.ep6.el6
  • httpserver-0:1.0.1-3.Final_redhat_2.ep6.el6.3
  • infinispan-0:5.1.8-1.Final_redhat_1.ep6.el6
  • infinispan-cachestore-jdbc-0:5.1.8-1.Final_redhat_1.ep6.el6
  • infinispan-cachestore-remote-0:5.1.8-1.Final_redhat_1.ep6.el6
  • infinispan-client-hotrod-0:5.1.8-1.Final_redhat_1.ep6.el6
  • infinispan-core-0:5.1.8-1.Final_redhat_1.ep6.el6
  • ironjacamar-0:1.0.13-1.Final_redhat_1.ep6.el6
  • jacorb-jboss-0:2.3.2-3.redhat_2.ep6.el6.3
  • jandex-0:1.0.3-7.Final_redhat_2.ep6.el6.2
  • javassist-0:3.15.0-5.GA_redhat_2.ep6.el6.3
  • javassist-eap6-0:3.15.0-5.GA_redhat_2.ep6.el6.3
  • jaxbintros-0:1.0.2-11.GA_redhat_2.ep6.el6.3
  • jaxen-0:1.1.3-8.redhat_2.ep6.el6.4
  • jaxws-jboss-httpserver-httpspi-0:1.0.1-3.GA_redhat_2.ep6.el6.3
  • jbosgi-deployment-0:1.1.0-2.Final_redhat_3.ep6.el6.3
  • jbosgi-framework-core-0:1.3.1-3.CR1_redhat_1.ep6.el6
  • jbosgi-metadata-0:2.1.0-2.Final_redhat_3.ep6.el6.3
  • jbosgi-repository-0:1.2.0-1.Final_redhat_2.ep6.el6.2
  • jbosgi-resolver-0:2.1.0-2.Final_redhat_3.ep6.el6.3
  • jbosgi-spi-0:3.1.0-3.Final_redhat_3.ep6.el6
  • jbosgi-vfs-0:1.1.0-1.Final_redhat_2.ep6.el6.2
  • jboss-annotations-api_1.1_spec-0:1.0.1-3.2.Final_redhat_2.ep6.el6
  • jboss-as-appclient-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-cli-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-client-all-0:7.1.3-4.1.Final_redhat_4.ep6.el6
  • jboss-as-clustering-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-cmp-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-configadmin-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-connector-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-console-0:1.4.2-1.Final_redhat_1.ep6.el6
  • jboss-as-controller-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-controller-client-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-deployment-repository-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-deployment-scanner-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-domain-http-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-domain-management-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-ee-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-ee-deployment-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-ejb3-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-embedded-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-host-controller-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jacorb-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jaxr-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jaxrs-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jdr-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jmx-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jpa-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jsf-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-jsr77-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-logging-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-mail-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-management-client-content-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-messaging-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-modcluster-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-naming-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-network-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-osgi-configadmin-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-osgi-service-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-platform-mbean-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-pojo-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-process-controller-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-protocol-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-remoting-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-sar-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-security-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-server-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-threads-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-transactions-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-web-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-webservices-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-weld-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-as-xts-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jboss-classfilewriter-0:1.0.3-2.Final_redhat_1.ep6.el6
  • jboss-common-beans-0:1.0.0-5.Final_redhat_2.ep6.el6
  • jboss-common-core-1:2.2.17-10.GA_redhat_2.ep6.el6
  • jboss-connector-api_1.6_spec-0:1.0.1-3.3.Final_redhat_2.ep6.el6
  • jboss-dmr-0:1.1.1-8.Final_redhat_2.ep6.el6
  • jboss-ejb-api_3.1_spec-0:1.0.2-10.Final_redhat_2.ep6.el6
  • jboss-ejb-client-0:1.0.11-2.Final_redhat_1.ep6.el6
  • jboss-ejb3-ext-api-0:2.0.0-9.redhat_2.ep6.el6
  • jboss-el-api_2.2_spec-0:1.0.2-2.Final_redhat_1.ep6.el6
  • jboss-iiop-client-0:1.0.0-4.Final_redhat_2.1.ep6.el6
  • jboss-interceptors-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el6
  • jboss-invocation-0:1.1.1-5.Final_redhat_2.ep6.el6.4
  • jboss-j2eemgmt-api_1.1_spec-0:1.0.1-5.Final_redhat_2.ep6.el6
  • jboss-jacc-api_1.4_spec-0:1.0.2-5.Final_redhat_2.ep6.el6
  • jboss-jad-api_1.2_spec-0:1.0.1-6.Final_redhat_2.ep6.el6
  • jboss-jaspi-api_1.0_spec-0:1.0.1-6.Final_redhat_2.ep6.el6
  • jboss-jaxb-api_2.2_spec-0:1.0.4-3.Final_redhat_2.1.ep6.el6.1
  • jboss-jaxr-api_1.0_spec-0:1.0.2-4.Final_redhat_2.ep6.el6
  • jboss-jaxrpc-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el6
  • jboss-jaxrs-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el6
  • jboss-jaxws-api_2.2_spec-0:2.0.1-5.Final_redhat_2.ep6.el6
  • jboss-jms-api_1.1_spec-0:1.0.1-4.Final_redhat_2.ep6.el6
  • jboss-jsf-api_2.1_spec-0:2.0.7-1.Final_redhat_1.ep6.el6
  • jboss-jsp-api_2.2_spec-0:1.0.1-5.Final_redhat_2.ep6.el6
  • jboss-jstl-api_1.2_spec-0:1.0.3-3.Final_redhat_2.ep6.el6
  • jboss-logging-0:3.1.2-3.GA_redhat_1.ep6.el6
  • jboss-logmanager-0:1.3.2-2.Final_redhat_1.ep6.el6
  • jboss-marshalling-0:1.3.15-2.GA_redhat_1.ep6.el6
  • jboss-metadata-0:7.0.4-2.Final_redhat_1.ep6.el6
  • jboss-metadata-appclient-0:7.0.4-2.Final_redhat_1.ep6.el6
  • jboss-metadata-common-0:7.0.4-2.Final_redhat_1.ep6.el6
  • jboss-metadata-ear-0:7.0.4-2.Final_redhat_1.ep6.el6
  • jboss-metadata-ejb-0:7.0.4-2.Final_redhat_1.ep6.el6
  • jboss-metadata-web-0:7.0.4-2.Final_redhat_1.ep6.el6
  • jboss-modules-0:1.1.3-2.GA_redhat_1.ep6.el6.1
  • jboss-msc-0:1.0.2-3.GA_redhat_2.2.ep6.el6
  • jboss-osgi-logging-0:1.0.0-4._redhat_2.1.ep6.el6.2
  • jboss-remote-naming-0:1.0.4-2.Final_redhat_1.ep6.el6.1
  • jboss-remoting3-0:3.2.14-1.GA_redhat_1.ep6.el6
  • jboss-remoting3-jmx-0:1.0.4-2.Final_redhat_1.ep6.el6.7
  • jboss-rmi-api_1.0_spec-0:1.0.4-9.2.Final_redhat_2.ep6.el6
  • jboss-saaj-api_1.3_spec-0:1.0.2-4_redhat_2.ep6.el6
  • jboss-sasl-0:1.0.3-2.Final_redhat_1.ep6.el6
  • jboss-seam-int-0:6.0.0-8.GA_redhat_2.ep6.el6
  • jboss-security-negotiation-0:2.2.1-2.Final_redhat_1.ep6.el6
  • jboss-security-xacml-0:2.0.8-5.Final_redhat_2.ep6.el6
  • jboss-servlet-api_2.5_spec-0:1.0.1-9.Final_redhat_2.ep6.el6
  • jboss-servlet-api_3.0_spec-0:1.0.1-11.Final_redhat_2.ep6.el6
  • jboss-specs-parent-0:1.0.0-5.Beta2_redhat_2.ep6.el6
  • jboss-stdio-0:1.0.1-7.GA_redhat_2.ep6.el6
  • jboss-threads-0:2.0.0-7.GA_redhat_2.ep6.el6
  • jboss-transaction-api_1.1_spec-0:1.0.1-5.Final_redhat_2.ep6.el6
  • jboss-transaction-spi-0:7.0.0-0.10.Final_redhat_2.ep6.el6
  • jboss-vfs2-0:3.1.0-4.Final_redhat_2.ep6.el6
  • jboss-weld-1.1-api-0:1.1-6.Final_redhat_2.ep6.el6.1
  • jboss-xnio-base-0:3.0.7-1.GA_redhat_1.ep6.el6
  • jbossas-appclient-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-bundles-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-core-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-domain-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-hornetq-native-0:2.2.21-1.Final.ep6.el6
  • jbossas-javadocs-0:7.1.3-4.Final_redhat_3.ep6.el6
  • jbossas-jbossweb-native-0:1.1.24-1.ep6.el6
  • jbossas-modules-eap-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-product-eap-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-standalone-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossas-welcome-content-eap-0:7.1.3-4.Final_redhat_4.ep6.el6
  • jbossts-1:4.16.6-1.Final_redhat_1.ep6.el6
  • jbossweb-0:7.0.17-1.Final_redhat_1.ep6.el6
  • jbossweb-lib-0:7.0.17-1.Final_redhat_1.ep6.el6
  • jbossws-api-0:1.0.0-3.GA_redhat_2.ep6.el6.3
  • jbossws-common-0:2.0.4-5.GA_redhat_3.ep6.el6.5
  • jbossws-common-tools-0:1.0.2-1.GA_redhat_1.ep6.el6
  • jbossws-cxf-0:4.0.6-2.GA_redhat_2.ep6.el6
  • jbossws-native-0:4.0.6-1.GA_redhat_1.ep6.el6
  • jbossws-spi-0:2.0.4-3.1.GA_redhat_1.ep6.el6
  • jbossxb2-0:2.0.3-13.GA_redhat_2.ep6.el6.3
  • jcip-annotations-0:1.0-2.2.3_redhat_2.ep6.el6.5
  • jdom-eap6-0:1.1.2-4.GA_redhat_2.ep6.el6
  • jettison-0:1.3.1-7_redhat_2.ep6.el6
  • jgroups-1:3.0.14-2.Final_redhat_1.ep6.el6
  • jline-eap6-0:0.9.94-10.GA_redhat_2.ep6.el6.4
  • joda-time-0:1.6.2-5.redhat_3.ep6.el6.4
  • jtype-0:0.1.1-9_redhat_2.3.ep6.el6.4
  • juddi-0:3.1.3-2_redhat_2.1.ep6.el6.3
  • jul-to-slf4j-stub-0:1.0.0-4.Final_redhat_2.1.ep6.el6.2
  • jython-eap6-0:2.5.2-5.redhat_2.ep6.el6.4
  • log4j-eap6-0:1.2.16-11.redhat_2.ep6.el6.4
  • log4j-jboss-logmanager-0:1.0.1-3.Final_redhat_2.ep6.el6
  • mod_cluster-0:1.2.3-1.Final_redhat_1.ep6.el6
  • mod_cluster-demo-0:1.2.3-1.Final_redhat_1.ep6.el6
  • mod_cluster-native-0:1.2.3-3.Final.ep6.el6
  • mod_cluster-native-debuginfo-0:1.2.3-3.Final.ep6.el6
  • mod_jk-ap22-0:1.2.36-5.ep6.el6
  • mod_jk-debuginfo-0:1.2.36-5.ep6.el6
  • mod_ssl-1:2.2.22-14.ep6.el6
  • netty-0:3.2.6-2_redhat_2.2.ep6.el6.4
  • objectweb-asm-eap6-0:3.3.1-5_redhat_2.ep6.el6.3
  • org.apache.felix.configadmin-0:1.2.8-4_redhat_2.ep6.el6
  • org.apache.felix.log-0:1.0.0-5.redhat_2.ep6.el6
  • org.osgi.core-0:4.2.0-4.redhat_2.ep6.el6.3
  • org.osgi.enterprise-0:4.2.0-4.redhat_2.ep6.el6.3
  • picketbox-0:4.0.14-2.Final_redhat_2.ep6.el6
  • picketbox-commons-0:1.0.0-0.8.final_redhat_2.ep6.el6.3
  • picketlink-federation-0:2.1.3.1-3.redhat_1.ep6.el6
  • relaxngDatatype-0:2011.1-0.1_redhat_3.ep6.el6.4
  • resteasy-0:2.3.4-4.Final_redhat_2.ep6.el6.3
  • rngom-0:201103-0.5.redhat_2.ep6.el6.4
  • scannotation-0:1.0.2-8.redhat_2.ep6.el6.2
  • shrinkwrap-0:1.0.0-16.redhat_2.ep6.el6
  • slf4j-eap6-0:1.6.1-23.redhat_2.ep6.el6
  • slf4j-jboss-logmanager-0:1.0.0-7.GA_redhat_2.3.ep6.el6.2
  • snakeyaml-0:1.8-8.redhat_2.ep6.el6.2
  • staxmapper-0:1.1.0-6.Final_redhat_2.ep6.el6.2
  • stilts-0:0.1.26-6.GA.redhat_2.ep6.el6.4
  • sun-codemodel-0:2.6-3_redhat_2.ep6.el6.3
  • sun-istack-commons-1:2.6.1-9_redhat_2.ep6.el6
  • sun-saaj-1.3-impl-0:1.3.16-8.redhat_2.ep6.el6.2
  • sun-txw2-0:20110809-5_redhat_2.ep6.el6.3
  • sun-ws-metadata-2.0-api-0:1.0.MR1-12_MR1_redhat_2.ep6.el6.4
  • sun-xsom-0:20110809-5_redhat_3.ep6.el6.3
  • tomcat-native-0:1.1.24-1.ep6.el6
  • tomcat-native-debuginfo-0:1.1.24-1.ep6.el6
  • velocity-eap6-0:1.6.3-7.redhat_2.ep6.el6.4
  • weld-cdi-1.0-api-0:1.0-6.SP4_redhat_2.ep6.el6.5
  • weld-core-0:1.1.10-2.Final_redhat_1.ep6.el6.1
  • woodstox-core-0:4.1.1-1.redhat_2.ep6.el6.4
  • woodstox-stax2-api-0:3.1.1-1.redhat_2.ep6.el6.4
  • ws-commons-XmlSchema-0:2.0.2-7.redhat_2.ep6.el6
  • ws-commons-neethi-0:3.0.2-5.redhat_2.ep6.el6
  • ws-scout-0:1.2.6-3.redhat_2.2.ep6.el6.5
  • wsdl4j-eap6-0:1.6.2-11.redhat_2.ep6.el6
  • wss4j-0:1.6.7-1.redhat_1.ep6.el6
  • xalan-j2-eap6-0:2.7.1-6.12.redhat_3.ep6.el6.2
  • xerces-j2-eap6-0:2.9.1-13_redhat_3.ep6.el6
  • xml-commons-resolver-eap6-0:1.2-10.redhat_2.ep6.el6.3
  • xml-security-0:1.5.2-2.redhat_1.ep6.el6
  • xom-0:1.2.7-1._redhat_3.1.ep6.el6.6
refmap via4
confirm http://java.net/jira/browse/JAVASERVERFACES-2436
misc https://issues.jboss.org/browse/JBPAPP-9197
mlist
  • [oss-security] 20120606 CVE request: Mojarra allows deployed web applications to read FacesContext from other applications
  • [oss-security] 20120606 Re: CVE request: Mojarra allows deployed web applications to read FacesContext from other applications
secunia
  • 49284
  • 51607
xf mojarra-facescontext-info-disc(76179)
Last major update 29-08-2017 - 01:31
Published 17-06-2012 - 03:41
Last modified 29-08-2017 - 01:31
Back to Top