RHSA-2008:0151
Vulnerability from csaf_redhat
Published
2008-04-02 20:44
Modified
2024-11-22 02:13
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP02 security update
Notes
Topic
Updated JBoss Enterprise Application Platform (JBEAP) packages that fix
several security issues are now available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
JBoss Enterprise Application Platform (JBEAP) is a middleware platform for
Java 2 Platform, Enterprise Edition (J2EE) applications.
This release of JBEAP for Red Hat Enterprise Linux 4 contains the JBoss
Application Server and JBoss Seam. This release serves as a replacement to
JBEAP 4.2.0.GA. It fixes several security issues:
The JFreeChart component was vulnerable to multiple cross-site scripting
(XSS) vulnerabilities. An attacker could misuse the image map feature to
inject arbitrary web script, or HTML, via several attributes of the chart
area. (CVE-2007-6306)
A vulnerability caused by exposing static Java methods was located within
the HSQLDB component. This could be utilized by an attacker to execute
arbitrary static Java methods. (CVE-2007-4575)
The setOrder method in the org.jboss.seam.framework.Query class did not
correctly validate user-supplied parameters. This vulnerability allowed
remote attackers to inject, and execute, arbitrary Enterprise JavaBeans
Query Language (EJB QL) commands via the order parameter. (CVE-2007-6433)
These updated packages include bug fixes and enhancements which are not
listed here. For a full list, please refer to the JBEAP 4.2.0CP02 release
notes:
http://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html
Warning: before applying this update, please backup the JBEAP
"server/[configuration]/deploy/" directory, and any other customized
configuration files.
All users of JBEAP on Red Hat Enterprise Linux 4 are advised to upgrade to
these updated packages, which resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated JBoss Enterprise Application Platform (JBEAP) packages that fix\nseveral security issues are now available.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform (JBEAP) is a middleware platform for\nJava 2 Platform, Enterprise Edition (J2EE) applications.\n\nThis release of JBEAP for Red Hat Enterprise Linux 4 contains the JBoss\nApplication Server and JBoss Seam. This release serves as a replacement to\nJBEAP 4.2.0.GA. It fixes several security issues:\n\nThe JFreeChart component was vulnerable to multiple cross-site scripting\n(XSS) vulnerabilities. An attacker could misuse the image map feature to\ninject arbitrary web script, or HTML, via several attributes of the chart\narea. (CVE-2007-6306)\n\nA vulnerability caused by exposing static Java methods was located within\nthe HSQLDB component. This could be utilized by an attacker to execute\narbitrary static Java methods. (CVE-2007-4575)\n\nThe setOrder method in the org.jboss.seam.framework.Query class did not\ncorrectly validate user-supplied parameters. This vulnerability allowed\nremote attackers to inject, and execute, arbitrary Enterprise JavaBeans\nQuery Language (EJB QL) commands via the order parameter. (CVE-2007-6433)\n\nThese updated packages include bug fixes and enhancements which are not\nlisted here. For a full list, please refer to the JBEAP 4.2.0CP02 release\nnotes:\nhttp://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html\n\nWarning: before applying this update, please backup the JBEAP\n\"server/[configuration]/deploy/\" directory, and any other customized\nconfiguration files.\n\nAll users of JBEAP on Red Hat Enterprise Linux 4 are advised to upgrade to\nthese updated packages, which resolve these issues.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2008:0151", url: "https://access.redhat.com/errata/RHSA-2008:0151", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "http://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html", url: "http://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html", }, { category: "external", summary: "299801", url: "https://bugzilla.redhat.com/show_bug.cgi?id=299801", }, { category: "external", summary: "421081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=421081", }, { category: "external", summary: "426206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=426206", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0151.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP02 security update", tracking: { current_release_date: "2024-11-22T02:13:22+00:00", generator: { date: "2024-11-22T02:13:22+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2008:0151", initial_release_date: "2008-04-02T20:44:00+00:00", revision_history: [ { date: "2008-04-02T20:44:00+00:00", number: "1", summary: "Initial version", }, { date: "2008-04-02T16:44:45+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T02:13:22+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product: { name: "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product: { name: "Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0::el4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", product: { name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", product_id: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-aop@1.5.5-1.CP01.0jpp.ep1.1.el4?arch=src", }, }, }, { category: "product_version", name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", product: { name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", product_id: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-cache@1.4.1-4.SP8_CP01.1jpp.ep1.1.el4?arch=src", }, }, }, { category: "product_version", name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", product: { name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", product_id: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP02.0jpp.ep1.1.el4?arch=src&epoch=1", }, }, }, { category: "product_version", name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", product: { name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", product_id: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossws-wsconsume-impl@2.0.0-0jpp.ep1.3?arch=src", }, }, }, { category: "product_version", name: "jboss-common-0:1.2.1-0jpp.ep1.2.src", product: { name: "jboss-common-0:1.2.1-0jpp.ep1.2.src", product_id: "jboss-common-0:1.2.1-0jpp.ep1.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.2?arch=src", }, }, }, { category: "product_version", name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", product: { name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", product_id: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP4.0jpp.ep1.1?arch=src", }, }, }, { category: "product_version", name: "jboss-seam-0:1.2.1-1.ep1.3.el4.src", product: { name: "jboss-seam-0:1.2.1-1.ep1.3.el4.src", product_id: "jboss-seam-0:1.2.1-1.ep1.3.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.3.el4?arch=src", }, }, }, { category: "product_version", name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", product: { name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", product_id: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossws-jboss42@1.2.1-0jpp.ep1.2.el4?arch=src", }, }, }, { category: "product_version", name: "wsdl4j-0:1.6.2-1jpp.ep1.8.src", product: { name: "wsdl4j-0:1.6.2-1jpp.ep1.8.src", product_id: "wsdl4j-0:1.6.2-1jpp.ep1.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/wsdl4j@1.6.2-1jpp.ep1.8?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", product: { name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", product_id: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_04-1.p02.0jpp.ep1.18?arch=src", }, }, }, { category: "product_version", name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", product: { name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", product_id: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-annotations@3.2.1-1.patch02.1jpp.ep1.2.el4?arch=src", }, }, }, { category: "product_version", name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", product: { name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", product_id: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas@4.2.0-3.GA_CP02.ep1.3.el4?arch=src", }, }, }, { category: "product_version", name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", product: { name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", product_id: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jfreechart@1.0.9-1jpp.ep1.2.el4?arch=src", }, }, }, { category: "product_version", name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src", product: { name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src", product_id: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/concurrent@1.3.4-7jpp.ep1.6.el4?arch=src", }, }, }, { category: "product_version", name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", product: { name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", product_id: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.8?arch=src", }, }, }, { category: "product_version", name: "jacorb-0:2.3.0-1jpp.ep1.4.src", product: { name: "jacorb-0:2.3.0-1jpp.ep1.4.src", product_id: "jacorb-0:2.3.0-1jpp.ep1.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.4?arch=src", }, }, }, { category: "product_version", name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", product: { name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", product_id: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-entitymanager@3.2.1-1jpp.ep1.6.el4?arch=src", }, }, }, { category: "product_version", name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", product: { name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", product_id: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossxb@1.0.0-2.SP1.0jpp.ep1.2.el4?arch=src", }, }, }, { category: "product_version", name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src", product: { name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src", product_id: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jcommon@1.0.12-1jpp.ep1.2.el4?arch=src", }, }, }, { category: "product_version", name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", product: { name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", product_id: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@2.0.0-3.CP05.0jpp.ep1.1?arch=src", }, }, }, { category: "product_version", name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", product: { name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", product_id: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/hsqldb@1.8.0.8-2.patch01.1jpp.ep1.1?arch=src&epoch=1", }, }, }, { category: "product_version", name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", product: { name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", product_id: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-eap-docs@4.2.0-3.GA_CP02.ep1.1.el4?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", product: { name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", product_id: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaf@1.1.0-0jpp.ep1.10.el4?arch=src", }, }, }, { category: "product_version", name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", product: { name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", product_id: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jstl@1.2.0-0jpp.ep1.2?arch=src", }, }, }, { category: "product_version", name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", product: { name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", product_id: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@2.4.1-1.SP4.0jpp.ep1.2?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", product: { name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", product_id: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-aop@1.5.5-1.CP01.0jpp.ep1.1.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", product: { name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", product_id: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-cache@1.4.1-4.SP8_CP01.1jpp.ep1.1.el4?arch=noarch", }, }, }, { category: "product_version", name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", product: { name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", product_id: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3@3.2.4-1.SP1_CP02.0jpp.ep1.1.el4?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", product: { name: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", product_id: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-javadoc@3.2.4-1.SP1_CP02.0jpp.ep1.1.el4?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", product: { name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", product_id: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossws-wsconsume-impl@2.0.0-0jpp.ep1.3?arch=noarch", }, }, }, { category: "product_version", name: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch", product: { name: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch", product_id: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-common@1.2.1-0jpp.ep1.2?arch=noarch", }, }, }, { category: "product_version", name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", product: { name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", product_id: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-remoting@2.2.2-3.SP4.0jpp.ep1.1?arch=noarch", }, }, }, { category: "product_version", name: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", product: { name: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", product_id: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-seam-docs@1.2.1-1.ep1.3.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", product: { name: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", product_id: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-seam@1.2.1-1.ep1.3.el4?arch=noarch", }, }, }, { category: "product_version", name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", product: { name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", product_id: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossws-jboss42@1.2.1-0jpp.ep1.2.el4?arch=noarch", }, }, }, { category: "product_version", name: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", product: { name: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", product_id: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/wsdl4j@1.6.2-1jpp.ep1.8?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", product: { name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", product_id: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_04-1.p02.0jpp.ep1.18?arch=noarch", }, }, }, { category: "product_version", name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", product: { name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", product_id: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-annotations@3.2.1-1.patch02.1jpp.ep1.2.el4?arch=noarch", }, }, }, { category: "product_version", name: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", product: { name: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", product_id: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-annotations-javadoc@3.2.1-1.patch02.1jpp.ep1.2.el4?arch=noarch", }, }, }, { category: "product_version", name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", product: { name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", product_id: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossas@4.2.0-3.GA_CP02.ep1.3.el4?arch=noarch", }, }, }, { category: "product_version", name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", product: { name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", product_id: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jfreechart@1.0.9-1jpp.ep1.2.el4?arch=noarch", }, }, }, { category: "product_version", name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", product: { name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", product_id: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/concurrent@1.3.4-7jpp.ep1.6.el4?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", product: { name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", product_id: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-javamail@1.4.0-0jpp.ep1.8?arch=noarch", }, }, }, { category: "product_version", name: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", product: { name: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", product_id: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jacorb-manual@2.3.0-1jpp.ep1.4?arch=noarch", }, }, }, { category: "product_version", name: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", product: { name: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", product_id: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jacorb-demo@2.3.0-1jpp.ep1.4?arch=noarch", }, }, }, { category: "product_version", name: "jacorb-0:2.3.0-1jpp.ep1.4.noarch", product: { name: "jacorb-0:2.3.0-1jpp.ep1.4.noarch", product_id: "jacorb-0:2.3.0-1jpp.ep1.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jacorb@2.3.0-1jpp.ep1.4?arch=noarch", }, }, }, { category: "product_version", name: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", product: { name: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", product_id: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jacorb-javadoc@2.3.0-1jpp.ep1.4?arch=noarch", }, }, }, { category: "product_version", name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", product: { name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", product_id: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-entitymanager@3.2.1-1jpp.ep1.6.el4?arch=noarch", }, }, }, { category: "product_version", name: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", product: { name: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", product_id: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hibernate3-entitymanager-javadoc@3.2.1-1jpp.ep1.6.el4?arch=noarch", }, }, }, { category: "product_version", name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", product: { name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", product_id: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossxb@1.0.0-2.SP1.0jpp.ep1.2.el4?arch=noarch", }, }, }, { category: "product_version", name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", product: { name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", product_id: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jcommon@1.0.12-1jpp.ep1.2.el4?arch=noarch", }, }, }, { category: "product_version", name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", product: { name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", product_id: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jbossweb@2.0.0-3.CP05.0jpp.ep1.1?arch=noarch", }, }, }, { category: "product_version", name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", product: { name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", product_id: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/hsqldb@1.8.0.8-2.patch01.1jpp.ep1.1?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", product: { name: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", product_id: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-eap-docs-examples@4.2.0-3.GA_CP02.ep1.1.el4?arch=noarch", }, }, }, { category: "product_version", name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", product: { name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", product_id: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rh-eap-docs@4.2.0-3.GA_CP02.ep1.1.el4?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", product: { name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", product_id: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaf@1.1.0-0jpp.ep1.10.el4?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", product: { name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", product_id: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jstl@1.2.0-0jpp.ep1.2?arch=noarch", }, }, }, { category: "product_version", name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", product: { name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", product_id: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jgroups@2.4.1-1.SP4.0jpp.ep1.2?arch=noarch&epoch=1", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", }, product_reference: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", }, product_reference: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", }, product_reference: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", }, product_reference: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", }, product_reference: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", }, product_reference: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", }, product_reference: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", }, product_reference: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", }, product_reference: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", }, product_reference: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", }, product_reference: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", }, product_reference: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", }, product_reference: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", }, product_reference: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", }, product_reference: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", }, product_reference: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", }, product_reference: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", }, product_reference: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", }, product_reference: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", }, product_reference: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", }, product_reference: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-0:2.3.0-1jpp.ep1.4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", }, product_reference: "jacorb-0:2.3.0-1jpp.ep1.4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", }, product_reference: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", }, product_reference: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", }, product_reference: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", }, product_reference: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", }, product_reference: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-common-0:1.2.1-0jpp.ep1.2.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", }, product_reference: "jboss-common-0:1.2.1-0jpp.ep1.2.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", }, product_reference: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", }, product_reference: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", }, product_reference: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-seam-0:1.2.1-1.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", }, product_reference: "jboss-seam-0:1.2.1-1.ep1.3.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", }, product_reference: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", }, product_reference: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", }, product_reference: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", }, product_reference: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", }, product_reference: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", }, product_reference: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", }, product_reference: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", }, product_reference: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", }, product_reference: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", }, product_reference: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", }, product_reference: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", }, product_reference: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", }, product_reference: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", }, product_reference: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", }, product_reference: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", }, product_reference: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", }, product_reference: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", }, product_reference: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", }, product_reference: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", }, product_reference: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", }, product_reference: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "wsdl4j-0:1.6.2-1jpp.ep1.8.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 AS", product_id: "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", }, product_reference: "wsdl4j-0:1.6.2-1jpp.ep1.8.src", relates_to_product_reference: "4AS-JBEAP", }, { category: "default_component_of", full_product_name: { name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", }, product_reference: "concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", }, product_reference: "concurrent-0:1.3.4-7jpp.ep1.6.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", }, product_reference: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", }, product_reference: "glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", }, product_reference: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", }, product_reference: "glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", }, product_reference: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", }, product_reference: "glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", }, product_reference: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", }, product_reference: "glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", }, product_reference: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", }, product_reference: "hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", }, product_reference: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", }, product_reference: "hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", }, product_reference: "hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", }, product_reference: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", }, product_reference: "hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", }, product_reference: "hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", }, product_reference: "hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", }, product_reference: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", }, product_reference: "hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-0:2.3.0-1jpp.ep1.4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", }, product_reference: "jacorb-0:2.3.0-1jpp.ep1.4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", }, product_reference: "jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", }, product_reference: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", }, product_reference: "jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", }, product_reference: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", }, product_reference: "jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", }, product_reference: "jboss-common-0:1.2.1-0jpp.ep1.2.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-common-0:1.2.1-0jpp.ep1.2.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", }, product_reference: "jboss-common-0:1.2.1-0jpp.ep1.2.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", }, product_reference: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", }, product_reference: "jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", }, product_reference: "jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-seam-0:1.2.1-1.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", }, product_reference: "jboss-seam-0:1.2.1-1.ep1.3.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", }, product_reference: "jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", }, product_reference: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", }, product_reference: "jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", }, product_reference: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", }, product_reference: "jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", }, product_reference: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", }, product_reference: "jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", }, product_reference: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", }, product_reference: "jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", }, product_reference: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", }, product_reference: "jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", }, product_reference: "jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", }, product_reference: "jcommon-0:1.0.12-1jpp.ep1.2.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", }, product_reference: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", }, product_reference: "jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", }, product_reference: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", }, product_reference: "jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", }, product_reference: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", }, product_reference: "rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", }, product_reference: "rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", }, product_reference: "wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", relates_to_product_reference: "4ES-JBEAP", }, { category: "default_component_of", full_product_name: { name: "wsdl4j-0:1.6.2-1jpp.ep1.8.src as a component of Red Hat JBoss Enterprise Application Platform 4.2.0 for RHEL 4 ES", product_id: "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", }, product_reference: "wsdl4j-0:1.6.2-1jpp.ep1.8.src", relates_to_product_reference: "4ES-JBEAP", }, ], }, vulnerabilities: [ { cve: "CVE-2007-4575", discovery_date: "2007-09-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "299801", }, ], notes: [ { category: "description", text: "HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to \"exposing static java methods.\"", title: "Vulnerability description", }, { category: "summary", text: "OpenOffice.org-base allows Denial-of-Service and command injection", title: "Vulnerability summary", }, ], product_status: { fixed: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], known_not_affected: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-4575", }, { category: "external", summary: "RHBZ#299801", url: "https://bugzilla.redhat.com/show_bug.cgi?id=299801", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-4575", url: "https://www.cve.org/CVERecord?id=CVE-2007-4575", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-4575", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-4575", }, ], release_date: "2007-12-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-04-02T20:44:00+00:00", details: "A complete installation guide for this new release is linked to in the\nReferences section below.\n\nBefore installing this upgrade, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0151", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenOffice.org-base allows Denial-of-Service and command injection", }, { cve: "CVE-2007-5461", discovery_date: "2007-10-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "333791", }, ], notes: [ { category: "description", text: "Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.", title: "Vulnerability description", }, { category: "summary", text: "Absolute path traversal Apache Tomcat WEBDAV", title: "Vulnerability summary", }, ], product_status: { fixed: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], known_not_affected: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-5461", }, { category: "external", summary: "RHBZ#333791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=333791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-5461", url: "https://www.cve.org/CVERecord?id=CVE-2007-5461", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-5461", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-5461", }, ], release_date: "2007-10-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-04-02T20:44:00+00:00", details: "A complete installation guide for this new release is linked to in the\nReferences section below.\n\nBefore installing this upgrade, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0151", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "Absolute path traversal Apache Tomcat WEBDAV", }, { cve: "CVE-2007-6306", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2007-12-11T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "421081", }, ], notes: [ { category: "description", text: "Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coords attribute of a chart area.", title: "Vulnerability description", }, { category: "summary", text: "JFreeChart: XSS vulnerabilities in the image map feature", title: "Vulnerability summary", }, ], product_status: { fixed: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], known_not_affected: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-6306", }, { category: "external", summary: "RHBZ#421081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=421081", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-6306", url: "https://www.cve.org/CVERecord?id=CVE-2007-6306", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-6306", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-6306", }, ], release_date: "2007-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-04-02T20:44:00+00:00", details: "A complete installation guide for this new release is linked to in the\nReferences section below.\n\nBefore installing this upgrade, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0151", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "JFreeChart: XSS vulnerabilities in the image map feature", }, { cve: "CVE-2007-6433", discovery_date: "2007-12-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "426206", }, ], notes: [ { category: "description", text: "The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.", title: "Vulnerability description", }, { category: "summary", text: "EJBQL injection via 'order' parameter", title: "Vulnerability summary", }, ], product_status: { fixed: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], known_not_affected: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2007-6433", }, { category: "external", summary: "RHBZ#426206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=426206", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2007-6433", url: "https://www.cve.org/CVERecord?id=CVE-2007-6433", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2007-6433", url: "https://nvd.nist.gov/vuln/detail/CVE-2007-6433", }, ], release_date: "2007-12-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-04-02T20:44:00+00:00", details: "A complete installation guide for this new release is linked to in the\nReferences section below.\n\nBefore installing this upgrade, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0151", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "EJBQL injection via 'order' parameter", }, { cve: "CVE-2008-0002", discovery_date: "2008-02-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "432327", }, ], notes: [ { category: "description", text: "Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.", title: "Vulnerability description", }, { category: "summary", text: "Tomcat information disclosure vulnerability", title: "Vulnerability summary", }, ], product_status: { fixed: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], known_not_affected: [ "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4AS-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4AS-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4AS-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4AS-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4AS-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4AS-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4AS-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.noarch", "4ES-JBEAP:concurrent-0:1.3.4-7jpp.ep1.6.el4.src", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.noarch", "4ES-JBEAP:glassfish-jaf-0:1.1.0-0jpp.ep1.10.el4.src", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.noarch", "4ES-JBEAP:glassfish-jsf-0:1.2_04-1.p02.0jpp.ep1.18.src", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.noarch", "4ES-JBEAP:glassfish-jstl-0:1.2.0-0jpp.ep1.2.src", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.noarch", "4ES-JBEAP:jboss-common-0:1.2.1-0jpp.ep1.2.src", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.noarch", "4ES-JBEAP:jbossws-wsconsume-impl-0:2.0.0-0jpp.ep1.3.src", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossxb-0:1.0.0-2.SP1.0jpp.ep1.2.el4.src", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.noarch", "4ES-JBEAP:wsdl4j-0:1.6.2-1jpp.ep1.8.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2008-0002", }, { category: "external", summary: "RHBZ#432327", url: "https://bugzilla.redhat.com/show_bug.cgi?id=432327", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2008-0002", url: "https://www.cve.org/CVERecord?id=CVE-2008-0002", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2008-0002", url: "https://nvd.nist.gov/vuln/detail/CVE-2008-0002", }, ], release_date: "2008-02-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2008-04-02T20:44:00+00:00", details: "A complete installation guide for this new release is linked to in the\nReferences section below.\n\nBefore installing this upgrade, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4AS-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4AS-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4AS-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4AS-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4AS-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4AS-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4AS-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4AS-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4AS-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4AS-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4AS-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4AS-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4AS-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4AS-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4AS-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4AS-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.noarch", "4ES-JBEAP:glassfish-javamail-0:1.4.0-0jpp.ep1.8.src", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hibernate3-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.src", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-annotations-0:3.2.1-1.patch02.1jpp.ep1.2.el4.src", "4ES-JBEAP:hibernate3-annotations-javadoc-0:3.2.1-1.patch02.1jpp.ep1.2.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-entitymanager-0:3.2.1-1jpp.ep1.6.el4.src", "4ES-JBEAP:hibernate3-entitymanager-javadoc-0:3.2.1-1jpp.ep1.6.el4.noarch", "4ES-JBEAP:hibernate3-javadoc-1:3.2.4-1.SP1_CP02.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.noarch", "4ES-JBEAP:hsqldb-1:1.8.0.8-2.patch01.1jpp.ep1.1.src", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-0:2.3.0-1jpp.ep1.4.src", "4ES-JBEAP:jacorb-demo-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-javadoc-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jacorb-manual-0:2.3.0-1jpp.ep1.4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-aop-0:1.5.5-1.CP01.0jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.noarch", "4ES-JBEAP:jboss-cache-0:1.4.1-4.SP8_CP01.1jpp.ep1.1.el4.src", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.noarch", "4ES-JBEAP:jboss-remoting-0:2.2.2-3.SP4.0jpp.ep1.1.src", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jboss-seam-0:1.2.1-1.ep1.3.el4.src", "4ES-JBEAP:jboss-seam-docs-0:1.2.1-1.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.noarch", "4ES-JBEAP:jbossas-0:4.2.0-3.GA_CP02.ep1.3.el4.src", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.noarch", "4ES-JBEAP:jbossweb-0:2.0.0-3.CP05.0jpp.ep1.1.src", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.noarch", "4ES-JBEAP:jbossws-jboss42-0:1.2.1-0jpp.ep1.2.el4.src", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jcommon-0:1.0.12-1jpp.ep1.2.el4.src", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.noarch", "4ES-JBEAP:jfreechart-0:1.0.9-1jpp.ep1.2.el4.src", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.noarch", "4ES-JBEAP:jgroups-1:2.4.1-1.SP4.0jpp.ep1.2.src", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", "4ES-JBEAP:rh-eap-docs-0:4.2.0-3.GA_CP02.ep1.1.el4.src", "4ES-JBEAP:rh-eap-docs-examples-0:4.2.0-3.GA_CP02.ep1.1.el4.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2008:0151", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "Tomcat information disclosure vulnerability", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.