← voltar
CVE-2013-2186

CVE-2013-2186

EPSS 12.7%
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.htmlhttp://lists.opensuse.org/opensuse-updates/2013-10/msg00033.htmlhttp://lists.opensuse.org/opensuse-updates/2013-10/msg00050.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1428.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1429.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1430.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1442.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1448.htmlhttps://access.redhat.com/errata/RHSA-2016:0070http://secunia.com/advisories/55716https://exchange.xforce.ibmcloud.com/vulnerabilities/88133https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01