Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and previous versions, as used in JBoss Web Framework Kit, allow remote malicious users to read arbitrary files and possibly have other impacts via a crafted XML file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss seam 2 framework 2.3.0 |
||
redhat jboss seam 2 framework 2.0.0 |
||
redhat jboss seam 2 framework 2.1.0 |
||
redhat jboss seam 2 framework 2.1.1 |
||
redhat jboss seam 2 framework 2.3.1 |
||
redhat jboss seam 2 framework 2.0.1 |
||
redhat jboss seam 2 framework 2.0.2 |
||
redhat jboss seam 2 framework 2.2.0 |
||
redhat jboss seam 2 framework 2.2.1 |
||
redhat jboss seam 2 framework |
||
redhat jboss seam 2 framework 2.0.3 |
||
redhat jboss seam 2 framework 2.1.2 |
||
redhat jboss seam 2 framework 2.2.2 |