CVE-2014-0093
First published: Wed Feb 26 2014(Updated: )
IssueDescription: It was found that Java Security Manager permissions configured via a policy file were not properly applied, causing all deployed applications to be granted the java.security.AllPermission permission. In certain cases, an attacker could use this flaw to circumvent expected security measures to perform actions which would otherwise be restricted.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Jboss Enterprise Application Platform | =6.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://rhn.redhat.com/errata/RHSA-2014-0345.html
- https://rhn.redhat.com/errata/RHSA-2014-0343.html
- https://rhn.redhat.com/errata/RHSA-2014-0344.html
- https://rhn.redhat.com/errata/RHSA-2014-1291.html
- https://rhn.redhat.com/errata/RHSA-2014-1290.html
- https://rhn.redhat.com/errata/RHSA-2014-1995.html
- https://rhn.redhat.com/errata/RHSA-2015-1009.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1070046
- http://rhn.redhat.com/errata/RHSA-2014-0343.html
- http://rhn.redhat.com/errata/RHSA-2014-0344.html
- http://rhn.redhat.com/errata/RHSA-2014-0345.html
- http://secunia.com/advisories/57675
- http://www.securityfocus.com/bid/66596
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-0093
- agent/tags
- agent/trending
- vendor/redhat
- canonical/redhat jboss enterprise application platform
- version/redhat jboss enterprise application platform/6.2.2