Lucene search
RedhatCVELIST:CVE-2013-4521HistoryFeb 06, 2020 - 3:43 p.m.
CVE-2013-4521
2020-02-0615:43:41
redhat
www.cve.org
1
RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: this vulnerability may overlap CVE-2013-2165.
CNA Affected
[
{
"product": "Nuxeo Platform",
"vendor": "Nuxeo",
"versions": [
{
"status": "affected",
"version": "5.6.0 before HF27"
},
{
"status": "affected",
"version": "5.8.0 before HF-01"
}
]
}
]Related
nvd
nvd
CVE-2013-4521
2020-02-06 16:15:11
CVE-2013-2165
2013-07-23 11:03:11
prion
prion
Deserialization of untrusted data
2020-02-06 16:15:00
Deserialization of untrusted data
2013-07-23 11:03:00
cve
cve
CVE-2013-4521
2020-02-06 16:15:11
CVE-2013-2165
2013-07-23 11:03:11
ibm
ibm
nessus
nessus
RHEL 5 / 6 : richfaces (RHSA-2013:1042)
2013-07-11 00:00:00
RHEL 5 : jboss-seam2 (RHSA-2013:1044)
2013-07-11 00:00:00
RHEL 5 / 6 : richfaces in JBoss EWP (RHSA-2013:1043)
2014-06-28 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: Remote Code Execution (RCE) in DoD Websites
2017-06-01 20:39:34
seebug
seebug
JBoss RichFaces θΏη¨δ»£η ζ§θ‘ζΌζ΄(CVE-2013-2165)
2013-07-17 00:00:00
ubuntucve
ubuntucve
CVE-2013-2165
2013-07-23 00:00:00
github
github
Remote code execution due to insecure deserialization
2022-05-13 01:27:59
cvelist
cvelist
CVE-2013-2165
2013-07-22 19:00:00
redhat
redhat
(RHSA-2013:1042) Critical: richfaces security update
2013-07-10 00:00:00
(RHSA-2013:1043) Critical: richfaces security update
2013-07-10 00:00:00
(RHSA-2013:1044) Critical: jboss-seam2 security update
2013-07-10 00:00:00
jvn
jvn
JVN#38787103: JBoss RichFaces vulnerable to remote code execution
2013-07-19 00:00:00
osv
osv
Remote code execution due to insecure deserialization
2022-05-13 01:27:59
veracode
veracode
Remote Code Execution Through Deserialization Attack
2019-01-15 08:55:59