{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-04-20T00:00:00", "descriptions": [{"lang": "en", "value": "jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04 and 5.1.0 and JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0.CP09 and 5.1.0, does not properly restrict use of Expression Language (EL) statements in FacesMessages during page exception handling, which allows remote attackers to execute arbitrary Java code via a crafted URL to an application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-08-23T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2011:1251", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1251.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692421"}, {"name": "RHSA-2011:0462", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0462.html"}, {"name": "RHSA-2011:0463", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0463.html"}, {"name": "RHSA-2011:0461", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0461.html"}, {"name": "RHSA-2011:0460", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0460.html"}, {"name": "RHSA-2011:1148", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1148.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://docs.redhat.com/docs/en-US/JBoss_Communications_Platform/5.1/html/5.1.1_Release_Notes/ar01s05.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:28:41.792Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2011:1251", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1251.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692421"}, {"name": "RHSA-2011:0462", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0462.html"}, {"name": "RHSA-2011:0463", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0463.html"}, {"name": "RHSA-2011:0461", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0461.html"}, {"name": "RHSA-2011:0460", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0460.html"}, {"name": "RHSA-2011:1148", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1148.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://docs.redhat.com/docs/en-US/JBoss_Communications_Platform/5.1/html/5.1.1_Release_Notes/ar01s05.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1484", "datePublished": "2011-07-27T01:00:00", "dateReserved": "2011-03-21T00:00:00", "dateUpdated": "2024-08-06T22:28:41.792Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:cp09:*:*:*:*:*:*", "matchCriteriaId": "FA7424BA-1E18-4267-9697-F4560BE75359", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "972C5C87-E982-44A5-866D-FDEACB5203B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:4.3.0:cp04:*:*:*:*:*:*", "matchCriteriaId": "23F0650B-C39D-4C7D-8BB9-BBA951BA8AAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2B72D56E-DE3C-4383-906D-F3DCD9D09CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB8AAFEA-2C73-460E-AAF3-C076041C7335", "versionEndIncluding": "2.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "4664C66E-3F4B-471E-AAC9-276834A55499", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.0:cr1:*:*:*:*:*:*", "matchCriteriaId": "43CACD28-B9A3-46D5-BA99-AA578F51D693", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.0:cr2:*:*:*:*:*:*", "matchCriteriaId": "1A4951C4-8941-4A7F-B742-B50A812CC4B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.0:cr3:*:*:*:*:*:*", "matchCriteriaId": "1A83D0E2-C724-47D1-9A98-7ACADA8810DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.0:ga:*:*:*:*:*:*", "matchCriteriaId": "56B7E191-8A62-4BDE-90A4-192BA5696A39", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.1:cr1:*:*:*:*:*:*", "matchCriteriaId": "4A027797-81BC-4826-BBCC-C5EAEAB3E503", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.1:cr2:*:*:*:*:*:*", "matchCriteriaId": "67F9B8C2-D2BE-4B4A-829C-528EC716C3FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.1:ga:*:*:*:*:*:*", "matchCriteriaId": "D38126DF-747B-4892-9B63-E7E35F98C760", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.2:cr1:*:*:*:*:*:*", "matchCriteriaId": "ECD78557-9403-496D-8512-FA693E291164", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.2:cr2:*:*:*:*:*:*", "matchCriteriaId": "CB076878-0465-44C7-AE59-C9584B3CEE1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.2:ga:*:*:*:*:*:*", "matchCriteriaId": "F682D85A-5B8C-4F83-BABD-9D28775C3776", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.2:sp1:*:*:*:*:*:*", "matchCriteriaId": "43DA16B0-8E35-444D-B0BC-6774BBEC9E49", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.0.3:cr1:*:*:*:*:*:*", "matchCriteriaId": "D249483C-D9F2-474F-9DDD-775CA573A642", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "C5BD9104-7BE9-420F-8DB2-C07748941254", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "A6513765-FEB9-4D7E-AE29-E479707AED02", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.0:cr1:*:*:*:*:*:*", "matchCriteriaId": "42291710-D8D1-4C77-8A62-E0B80BA3D5AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.0:ga:*:*:*:*:*:*", "matchCriteriaId": "0BBFD756-FF7B-4163-9924-CC922A7EA1AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "226579DC-5DFE-4778-9871-4137B556D3A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.1:cr1:*:*:*:*:*:*", "matchCriteriaId": "CB03E6D7-1A07-49EB-AB21-E136132BDF1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.1:cr2:*:*:*:*:*:*", "matchCriteriaId": "68FE6392-8774-4534-8903-BE9154FE2795", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.1:ga:*:*:*:*:*:*", "matchCriteriaId": "9F98F783-0AB2-41BE-8B07-D62438824541", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A206D39-DBF9-4B14-8703-9081682A1EEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.2:cr1:*:*:*:*:*:*", "matchCriteriaId": "32B2FE67-27F7-4BF7-A78A-0A5FAAADFE20", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.1.2:cr2:*:*:*:*:*:*", "matchCriteriaId": "1371416C-30C8-47A6-8A0C-F4E37875BE8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.2.0:cr1:*:*:*:*:*:*", "matchCriteriaId": "CA790538-865A-4249-B6F9-F0CEC5818E57", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.2.0:ga:*:*:*:*:*:*", "matchCriteriaId": "62AB605C-3102-4425-A563-817445B2F187", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E6F5051-BF57-44EA-942F-9E74A06D8B45", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.2.1:cr1:*:*:*:*:*:*", "matchCriteriaId": "0FD6DFE0-4FC8-4311-A724-666AA48A64C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.2.1:cr2:*:*:*:*:*:*", "matchCriteriaId": "EB833625-4D55-4BFE-A05C-5650D342C461", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_seam_2_framework:2.2.1:cr3:*:*:*:*:*:*", "matchCriteriaId": "CB5F7791-FC8F-4E6C-B14D-A31D69086895", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04 and 5.1.0 and JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0.CP09 and 5.1.0, does not properly restrict use of Expression Language (EL) statements in FacesMessages during page exception handling, which allows remote attackers to execute arbitrary Java code via a crafted URL to an application."}, {"lang": "es", "value": "jboss-seam.jar en el framework JBoss Seam 2 2.2.x y versiones anteriores, tal como se distribuye con la plataforma Hat JBoss Enterprise SOA 4.3.0.CP04 y 5.1.0 y JBoss Enterprise Application Platform (JBoss EAP o JBEAP) 4.3.0.CP09 y 5.1.0, no restringen el uso de instrucciones de \"Expression Language\" (EL) en FacesMessages durante el manejo de excepciones de p\u00e1gina, lo que permite a atacantes remotos ejecutar c\u00f3digo Java arbitrario a trav\u00e9s de una URL modificada a una aplicaci\u00f3n."}], "id": "CVE-2011-1484", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-07-27T02:42:27.203", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0460.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0461.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0462.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0463.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-1148.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-1251.html"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692421"}, {"source": "secalert@redhat.com", "url": "https://docs.redhat.com/docs/en-US/JBoss_Communications_Platform/5.1/html/5.1.1_Release_Notes/ar01s05.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0460.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0461.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0462.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0463.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-1148.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-1251.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692421"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.redhat.com/docs/en-US/JBoss_Communications_Platform/5.1/html/5.1.1_Release_Notes/ar01s05.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Martin Kouba (IT SYSTEMS a.s.) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2011:1148", "cpe": "cpe:/a:redhat:jboss_communications_platform:5.1", "product_name": "JBoss Communications Platform 5.1", "release_date": "2011-08-10T00:00:00Z"}, {"advisory": "RHSA-2011:0462", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3", "product_name": "Red Hat JBoss Enterprise Application Platform 4.3", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2011:0460", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4", "package": "jboss-seam2-0:2.0.2.FP-1.ep1.27.el4", "product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2011:0460", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el5", "package": "jboss-seam2-0:2.0.2.FP-1.ep1.27.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2011:0462", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5.1", "product_name": "Red Hat JBoss Enterprise Application Platform 5.1", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2011:0461", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el4", "package": "jboss-seam2-0:2.2.2.EAP-17.el4_8", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 4", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2011:0461", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el5", "package": "jboss-seam2-0:2.2.2.EAP-17.ep5.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 5", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2012:0091", "cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:4.3", "product_name": "Red Hat JBoss Portal 4.3", "release_date": "2012-02-02T00:00:00Z"}, {"advisory": "RHSA-2011:1251", "cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:5", "product_name": "Red Hat JBoss Portal 5", "release_date": "2011-09-05T00:00:00Z"}, {"advisory": "RHSA-2011:0463", "cpe": "cpe:/a:redhat:jboss_soa_platform:4.3", "product_name": "Red Hat JBoss SOA Platform 4.3", "release_date": "2011-04-20T00:00:00Z"}, {"advisory": "RHSA-2011:0463", "cpe": "cpe:/a:redhat:jboss_soa_platform:5.0", "product_name": "Red Hat JBoss SOA Platform 5.0", "release_date": "2011-04-20T00:00:00Z"}], "bugzilla": {"description": "JBoss Seam privilege escalation caused by EL interpolation in FacesMessages", "id": "692421", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692421"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04 and 5.1.0 and JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0.CP09 and 5.1.0, does not properly restrict use of Expression Language (EL) statements in FacesMessages during page exception handling, which allows remote attackers to execute arbitrary Java code via a crafted URL to an application."], "name": "CVE-2011-1484", "public_date": "2011-04-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-1484\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1484"], "threat_severity": "Important"}