Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

redhat jboss enterprise portal platform 4.3.0 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2011-2487
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J prior to 1.6.5 is susceptible to a Bleichenbacher attack.
Apache Wss4jApache CxfRedhat Jboss Enterprise Soa Platform 4.3.0Redhat Jboss Enterprise Soa Platform 4.2.0Redhat Jboss Enterprise Application Platform 5.0.0Redhat Jboss Portal 4.0.0Redhat Jboss Enterprise Web Platform 5.0.0Redhat Jboss Business Rules Management System 5.3Redhat Jboss Enterprise Application Platform Text-only Advisories -Redhat Jboss Middleware Text-only Advisories -Redhat Jboss Web Services -
4.3
CVSSv2
CVE-2011-4580
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Enterprise Portal Platform prior to 5.2.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redhat Jboss Enterprise Portal Platform 4.3.0Redhat Jboss Enterprise Portal PlatformRedhat Jboss Enterprise Portal Platform 5.0.0Redhat Jboss Enterprise Portal Platform 5.0.1Redhat Jboss Enterprise Portal Platform 5.1.0
5.8
CVSSv2
CVE-2011-2941
Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform prior to 5.2.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter.
Redhat Jboss Enterprise Portal Platform 4.3.0Redhat Jboss Enterprise Portal Platform 5.0.0Redhat Jboss Enterprise Portal Platform 5.1.0Redhat Jboss Enterprise Portal Platform 5.0.1Redhat Jboss Enterprise Portal Platform
6.4
CVSSv2
CVE-2012-5575
Apache CXF 2.5.x prior to 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote malicious users to force CXF to use w...
Apache Cxf 2.5.2Apache Cxf 2.5.9Redhat Jboss Enterprise Web Platform 5.2.0Redhat Jboss Enterprise Soa Platform 4.3.0Apache Cxf 2.6.0Apache Cxf 2.5.3Apache Cxf 2.7.3Apache Cxf 2.5.7Redhat Jboss Fuse Esb Enterprise 7.1.0Apache Cxf 2.6.2Apache Cxf 2.5.0Apache Cxf 2.5.1Apache Cxf 2.5.5Apache Cxf 2.5.8Apache Cxf 2.6.5Apache Cxf 2.7.0Apache Cxf 2.6.6Apache Cxf 2.6.3Redhat Jboss Enterprise Portal Platform 4.3.0Apache Cxf 2.5.6Apache Cxf 2.6.4Apache Cxf 2.6.1
5
CVSSv2
CVE-2011-1483
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1...
Redhat Jboss Enterprise Portal Platform 4.3.0Redhat Jboss Enterprise Soa Platform 4.2.0Redhat Jboss Enterprise Soa Platform 5.1.0Redhat Jboss Communications Platform 1.2.11Redhat Jboss Communications Platform 5.1.1Redhat Jboss Enterprise Brms Platform 5.1.0Redhat Jboss Enterprise Application Platform 4.2.0Redhat Jboss Enterprise Application Platform 4.3.0Redhat Jboss Enterprise Application Platform 5.1.1Redhat Jboss Enterprise Portal Platform 5.1.1Redhat Jboss Enterprise Soa Platform 4.3.0Redhat Jboss Enterprise Web Platform 5.1.1Hp Network Node Manager I 9.02Hp Network Node Manager I 9.0Hp Network Node Manager I 9.10Hp Network Node Manager I 9.03Hp Network Node Manager I 9.01
5
CVSSv2
CVE-2011-1096
The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform prior to 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote malicious users to obtain plaintext data via a...
Redhat Jboss Enterprise Portal Platform 5.0.0Redhat Jboss Enterprise Portal Platform 5.1.1Redhat Jboss Enterprise Portal Platform 5.1.0Redhat Jboss Enterprise Portal PlatformRedhat Jboss Enterprise Portal Platform 5.2.0Redhat Jboss Enterprise Portal Platform 5.0.1
6.8
CVSSv2
CVE-2011-4085
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform prior to 5.1.2, SOA Platform prior to 5.2.0, BRMS Platform prior to 5.3.0, and Portal Platform prior to 4.3 CP07 perform access control only for the GET and POST methods, which allow remote malicious ...
Redhat Jboss Enterprise Application Platform 4.3.0Redhat Jboss Enterprise Application Platform 5.0.1Redhat Jboss Enterprise Application Platform 5.1.0Redhat Jboss Enterprise Application Platform 4.2.0Redhat Jboss Enterprise Application PlatformRedhat Jboss Enterprise Application Platform 5.0.0Redhat Jboss Enterprise Soa Platform 4.3.0Redhat Jboss Enterprise Soa Platform 4.2.0Redhat Jboss Enterprise Soa Platform 5.0.2Redhat Jboss Enterprise Soa Platform 5.0.1Redhat Jboss Enterprise Soa Platform 5.1.0Redhat Jboss Enterprise Soa PlatformRedhat Jboss Enterprise Soa Platform 5.0.0Redhat Jboss Enterprise Brms PlatformRedhat Jboss Enterprise Portal Platform
3.3
CVSSv2
CVE-2012-2377
JGroups diagnostics service in JBoss Enterprise Portal Platform prior to 5.2.2, SOA Platform prior to 5.3.0, and BRMS Platform prior to 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnos...
Redhat Jboss Enterprise Portal Platform 5.1.1Redhat Jboss Enterprise Portal Platform 5.1.0Redhat Jboss Enterprise Portal PlatformRedhat Jboss Enterprise Portal Platform 5.2.0Redhat Jboss Enterprise Portal Platform 4.3.0Redhat Jboss Enterprise Portal Platform 5.0.1Redhat Jboss Enterprise Portal Platform 5.0.0Redhat Jboss Enterprise Soa Platform 5.1.1Redhat Jboss Enterprise Soa Platform 5.1.0Redhat Jboss Enterprise Soa Platform 4.2.0Redhat Jboss Enterprise Soa PlatformRedhat Jboss Enterprise Soa Platform 4.3.0Redhat Jboss Enterprise Soa Platform 5.0.0Redhat Jboss Enterprise Soa Platform 5.0.2Redhat Jboss Enterprise Soa Platform 5.0.1Redhat Jboss Enterprise Brms Platform
7.5
CVSSv2
CVE-2011-4605
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x prior to 5.2.2, and BRMS Platform prior t...
Redhat Jboss Enterprise Application Platform 4.3.0Redhat Jboss Enterprise Application Platform 5.1.2Redhat Jboss Enterprise Web Platform 5.1.2Redhat Jboss Enterprise Portal Platform 5.2.1Redhat Jboss Enterprise Portal Platform 4.3.0Redhat Jboss Enterprise Brms PlatformRedhat Jboss Enterprise Soa Platform 4.2.0Redhat Jboss Enterprise Portal Platform 5.2.0Redhat Jboss Enterprise Soa Platform 4.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook