CVE-2010-1871: Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability
First published: Mon Jul 19 2010(Updated: )
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Jboss Enterprise Application Platform | =4.3.0 | |
| Redhat Enterprise Linux | =4 | |
| Redhat Enterprise Linux | =5 | |
| Red Hat JBoss Seam 2 | ||
| redhat/jboss-seam2 | <0:2.0.2.FP-1.ep1.24.el4 | 0:2.0.2.FP-1.ep1.24.el4 |
| redhat/jboss-seam2 | <0:2.0.2.FP-1.ep1.24.el5 | 0:2.0.2.FP-1.ep1.24.el5 |
| All of | ||
| Redhat Jboss Enterprise Application Platform | =4.3.0 | |
| Any of | ||
| Redhat Enterprise Linux | =4 | |
| Redhat Enterprise Linux | =5 | |
| NetApp OnCommand Balance | ||
| NetApp OnCommand Insight | ||
| Netapp Oncommand Unified Manager Clustered Data Ontap |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securitytracker.com/id?1024253
- http://www.securityfocus.com/bid/41994
- https://bugzilla.redhat.com/show_bug.cgi?id=615956
- http://www.vupen.com/english/advisories/2010/1929
- http://www.redhat.com/support/errata/RHSA-2010-0564.html
- http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60794
- https://security.netapp.com/advisory/ntap-20161017-0001/
- http://seamframework.org/
- http://docs.jboss.org/seam/2.2.0.GA/en-US/html/elenhancements.html
- https://rhn.redhat.com/errata/RHSA-2010-0564.html
- http://seamframework.org/Community/Seam221CR2IsAvailableForPublic
- http://seamframework.org/Seam2/Downloads
- https://access.redhat.com/security/cve/CVE-2010-1871
- https://www.redhat.com/security/data/cve/CVE-2010-1871.html
- https://www.cve.org/CVERecord?id=CVE-2010-1871 https://nvd.nist.gov/vuln/detail/CVE-2010-1871
- https://access.redhat.com/errata/RHSA-2010:0564
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1871.json
- https://nvd.nist.gov/vuln/detail/CVE-2010-1871
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-1871
- agent/title
- agent/description
- collector/redhat-cve
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/author
- agent/severity
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/tags
- collector/nvd-cve
- vendor/redhat
- canonical/redhat jboss enterprise application platform
- version/redhat jboss enterprise application platform/4.3.0
- canonical/redhat enterprise linux
- version/redhat enterprise linux/4
- version/redhat enterprise linux/5
- package-manager/redhat
- vendor/netapp
- canonical/netapp oncommand balance
- canonical/netapp oncommand insight
- canonical/netapp oncommand unified manager clustered data ontap
- vendor/red hat
- canonical/red hat jboss seam 2