CVE-2014-8122 - Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obt

CVE-2014-8122

Summary

Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.

References

Vulnerable Configurations

cpe:2.3:a:redhat:jboss_weld:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_weld:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_weld:3.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_weld:3.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_weld:3.0.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_weld:3.0.0:alpha2:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 08-09-2017 - 01:29)
Impact:
Exploitability:

CWE

CWE-362

CAPEC

Leveraging Race Conditions
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with his version and cause the system to read the malicious file.
Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:N

redhat via4

advisories

rhsa
id RHSA-2015:0215
rhsa
id RHSA-2015:0216
rhsa
id RHSA-2015:0217
rhsa
id RHSA-2015:0218
rhsa
id RHSA-2015:0675
rhsa
id RHSA-2015:0773
rhsa
id RHSA-2015:0850
rhsa
id RHSA-2015:0851
rhsa
id RHSA-2015:0920

rpms

antlr-eap6-0:2.7.7-18.redhat_4.1.ep6.el5
apache-cxf-0:2.7.14-1.redhat_1.1.ep6.el5
glassfish-jsf-eap6-0:2.1.28-6.redhat_7.1.ep6.el5
guava-libraries-0:13.0.1-4.redhat_2.1.ep6.el5
hibernate4-core-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el5
hibernate4-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el5
hibernate4-entitymanager-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el5
hibernate4-envers-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el5
hibernate4-infinispan-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el5
hornetq-0:2.3.21.2-1.Final_redhat_1.1.ep6.el5
httpserver-0:1.0.2-1.Final_redhat_1.1.ep6.el5
jboss-as-appclient-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-cli-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-client-all-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-clustering-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-cmp-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-configadmin-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-connector-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-console-0:2.2.12-1.Final_redhat_1.1.ep6.el5
jboss-as-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-controller-client-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-core-security-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-deployment-repository-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-deployment-scanner-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-domain-http-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-domain-management-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-ee-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-ee-deployment-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-ejb3-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-embedded-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-host-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jacorb-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jaxr-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jaxrs-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jdr-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jmx-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jpa-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jsf-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-jsr77-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-logging-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-mail-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-management-client-content-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-messaging-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-modcluster-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-naming-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-network-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-osgi-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-osgi-configadmin-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-osgi-service-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-picketlink-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-platform-mbean-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-pojo-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-process-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-protocol-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-remoting-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-sar-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-security-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-server-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-system-jmx-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-threads-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-transactions-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-version-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-web-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-webservices-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-weld-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-as-xts-0:7.4.3-3.Final_redhat_2.1.ep6.el5
jboss-ejb-client-0:1.0.28-1.Final_redhat_1.1.ep6.el5
jboss-hal-0:2.2.12-1.Final_redhat_1.1.ep6.el5
jboss-marshalling-0:1.4.10-1.Final_redhat_1.1.ep6.el5
jboss-modules-0:1.3.5-1.Final_redhat_1.1.ep6.el5
jboss-remoting3-0:3.3.4-1.Final_redhat_1.1.ep6.el5
jboss-security-negotiation-0:2.3.6-1.Final_redhat_1.1.ep6.el5
jbossas-appclient-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-bundles-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-core-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-domain-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-javadocs-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-modules-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-product-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-standalone-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossas-welcome-content-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el5
jbossts-1:4.17.26-1.Final_redhat_1.1.ep6.el5
jbossweb-0:7.4.10-1.Final_redhat_1.1.ep6.el5
jbossws-cxf-0:4.3.4-1.Final_redhat_1.1.ep6.el5
jbossws-spi-0:2.3.1-1.Final_redhat_1.1.ep6.el5
picketbox-0:4.0.19-10.SP10_redhat_1.1.ep6.el5
picketlink-bindings-0:2.5.3-15.SP16_redhat_1.1.ep6.el5
picketlink-federation-0:2.5.3-16.SP16_redhat_1.1.ep6.el5
resteasy-0:2.3.8-13.SP4_redhat_2.1.ep6.el5
sun-istack-commons-1:2.6.1-12.redhat_3.1.ep6.el5
sun-saaj-1.3-impl-0:1.3.16-11.SP1_redhat_2.1.ep6.el5
weld-core-0:1.1.28-1.Final_redhat_1.1.ep6.el5
wss4j-0:1.6.17-2.SP1_redhat_1.1.ep6.el5
antlr-eap6-0:2.7.7-18.redhat_4.1.ep6.el6
apache-cxf-0:2.7.14-1.redhat_1.1.ep6.el6
glassfish-jsf-eap6-0:2.1.28-6.redhat_7.1.ep6.el6
guava-libraries-0:13.0.1-4.redhat_2.1.ep6.el6
hibernate4-core-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el6
hibernate4-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el6
hibernate4-entitymanager-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el6
hibernate4-envers-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el6
hibernate4-infinispan-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el6
hornetq-0:2.3.21.2-1.Final_redhat_1.1.ep6.el6
httpserver-0:1.0.2-1.Final_redhat_1.1.ep6.el6
jboss-as-appclient-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-cli-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-client-all-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-clustering-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-cmp-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-configadmin-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-connector-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-console-0:2.2.12-1.Final_redhat_1.1.ep6.el6
jboss-as-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-controller-client-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-core-security-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-deployment-repository-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-deployment-scanner-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-domain-http-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-domain-management-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-ee-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-ee-deployment-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-ejb3-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-embedded-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-host-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jacorb-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jaxr-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jaxrs-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jdr-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jmx-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jpa-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jsf-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-jsr77-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-logging-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-mail-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-management-client-content-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-messaging-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-modcluster-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-naming-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-network-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-osgi-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-osgi-configadmin-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-osgi-service-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-picketlink-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-platform-mbean-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-pojo-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-process-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-protocol-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-remoting-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-sar-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-security-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-server-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-system-jmx-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-threads-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-transactions-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-version-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-web-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-webservices-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-weld-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-as-xts-0:7.4.3-3.Final_redhat_2.1.ep6.el6
jboss-ejb-client-0:1.0.28-1.Final_redhat_1.1.ep6.el6
jboss-hal-0:2.2.12-1.Final_redhat_1.1.ep6.el6
jboss-marshalling-0:1.4.10-1.Final_redhat_1.1.ep6.el6
jboss-modules-0:1.3.5-1.Final_redhat_1.1.ep6.el6
jboss-remoting3-0:3.3.4-1.Final_redhat_1.1.ep6.el6
jboss-security-negotiation-0:2.3.6-1.Final_redhat_1.1.ep6.el6
jbossas-appclient-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-bundles-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-core-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-domain-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-javadocs-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-modules-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-product-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-standalone-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossas-welcome-content-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el6
jbossts-1:4.17.26-1.Final_redhat_1.1.ep6.el6
jbossweb-0:7.4.10-1.Final_redhat_1.1.ep6.el6
jbossws-cxf-0:4.3.4-1.Final_redhat_1.1.ep6.el6
jbossws-spi-0:2.3.1-1.Final_redhat_1.1.ep6.el6
picketbox-0:4.0.19-10.SP10_redhat_1.1.ep6.el6
picketlink-bindings-0:2.5.3-15.SP16_redhat_1.1.ep6.el6
picketlink-federation-0:2.5.3-16.SP16_redhat_1.1.ep6.el6
resteasy-0:2.3.8-13.SP4_redhat_2.1.ep6.el6
sun-istack-commons-1:2.6.1-12.redhat_3.1.ep6.el6
sun-saaj-1.3-impl-0:1.3.16-11.SP1_redhat_2.1.ep6.el6
weld-core-0:1.1.28-1.Final_redhat_1.1.ep6.el6
wss4j-0:1.6.17-2.SP1_redhat_1.1.ep6.el6
antlr-eap6-0:2.7.7-18.redhat_4.1.ep6.el7
apache-cxf-0:2.7.14-1.redhat_1.1.ep6.el7
glassfish-jsf-eap6-0:2.1.28-6.redhat_7.1.ep6.el7
guava-libraries-0:13.0.1-4.redhat_2.1.ep6.el7
hibernate4-core-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el7
hibernate4-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el7
hibernate4-entitymanager-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el7
hibernate4-envers-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el7
hibernate4-infinispan-eap6-0:4.2.17-2.SP1_redhat_1.1.ep6.el7
hornetq-0:2.3.21.2-1.Final_redhat_1.1.ep6.el7
httpserver-0:1.0.2-1.Final_redhat_1.1.ep6.el7
jboss-as-appclient-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-cli-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-client-all-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-clustering-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-cmp-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-configadmin-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-connector-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-console-0:2.2.12-1.Final_redhat_1.1.ep6.el7
jboss-as-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-controller-client-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-core-security-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-deployment-repository-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-deployment-scanner-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-domain-http-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-domain-management-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-ee-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-ee-deployment-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-ejb3-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-embedded-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-host-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jacorb-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jaxr-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jaxrs-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jdr-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jmx-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jpa-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jsf-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-jsr77-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-logging-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-mail-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-management-client-content-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-messaging-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-modcluster-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-naming-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-network-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-osgi-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-osgi-configadmin-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-osgi-service-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-picketlink-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-platform-mbean-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-pojo-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-process-controller-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-protocol-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-remoting-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-sar-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-security-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-server-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-system-jmx-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-threads-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-transactions-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-version-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-web-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-webservices-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-weld-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-as-xts-0:7.4.3-3.Final_redhat_2.1.ep6.el7
jboss-ejb-client-0:1.0.28-1.Final_redhat_1.1.ep6.el7
jboss-hal-0:2.2.12-1.Final_redhat_1.1.ep6.el7
jboss-marshalling-0:1.4.10-1.Final_redhat_1.1.ep6.el7
jboss-modules-0:1.3.5-1.Final_redhat_1.1.ep6.el7
jboss-remoting3-0:3.3.4-1.Final_redhat_1.1.ep6.el7
jboss-security-negotiation-0:2.3.6-1.Final_redhat_1.1.ep6.el7
jbossas-appclient-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-bundles-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-core-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-domain-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-javadocs-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-modules-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-product-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-standalone-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossas-welcome-content-eap-0:7.4.3-2.Final_redhat_2.1.ep6.el7
jbossts-1:4.17.26-1.Final_redhat_1.1.ep6.el7
jbossweb-0:7.4.10-1.Final_redhat_1.1.ep6.el7
jbossws-cxf-0:4.3.4-1.Final_redhat_1.1.ep6.el7
jbossws-spi-0:2.3.1-1.Final_redhat_1.1.ep6.el7
picketbox-0:4.0.19-10.SP10_redhat_1.1.ep6.el7
picketlink-bindings-0:2.5.3-15.SP16_redhat_1.1.ep6.el7
picketlink-federation-0:2.5.3-16.SP16_redhat_1.1.ep6.el7
resteasy-0:2.3.8-13.SP4_redhat_2.1.ep6.el7
sun-istack-commons-1:2.6.1-12.redhat_3.1.ep6.el7
sun-saaj-1.3-impl-0:1.3.16-11.SP1_redhat_2.1.ep6.el7
weld-core-0:1.1.28-1.Final_redhat_1.1.ep6.el7
wss4j-0:1.6.17-2.SP1_redhat_1.1.ep6.el7

refmap via4

bid	74252
confirm	https://github.com/weld/core/commit/29fd1107fd30579ad9bb23fae4dc3ba464205745 https://github.com/weld/core/commit/6808b11cd6d97c71a2eed754ed4f955acd789086 https://github.com/weld/core/commit/8e413202fa1af08c09c580f444e4fd16874f9c65
misc	https://github.com/victims/victims-cve-db/blob/master/database/java/2014/8122.yaml
sectrack	1031741
xf	redhat-jboss-cve20148122-info-disc(100892)

Last major update

08-09-2017 - 01:29

Published

13-02-2015 - 15:59

Last modified

08-09-2017 - 01:29