Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have other impacts via a crafted XML file.
History

Mon, 28 Oct 2024 05:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat jboss Enterprise Web Framework
CPEs cpe:/a:redhat:jboss_enterprise_web_framework:2.4.0
Vendors & Products Redhat jboss Enterprise Web Framework

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-01-23T00:00:00

Updated: 2024-08-06T17:39:01.202Z

Reserved: 2013-11-04T00:00:00

Link: CVE-2013-6447

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-01-23T00:55:03.347

Modified: 2024-11-21T01:59:15.003

Link: CVE-2013-6447

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-01-20T00:00:00Z

Links: CVE-2013-6447 - Bugzilla