Lucene search
RootSSV:60901HistoryJul 17, 2013 - 12:00 a.m.
JBoss RichFaces 远程代码执行漏洞(CVE-2013-2165)
2013-07-1700:00:00
Root
www.seebug.org
80
0.1 Low
EPSS
Percentile
94.9%
Bugtraq ID:61085
CVE ID:CVE-2013-2165
JBoss RichFaces是一个具 Ajax和JSF特性的Web框架
RichFaces ResourceBuilderImpl处理反序列化存在在安全漏洞,允许远程攻击者利用此漏洞发送特殊数据,执行部署在服务器上任意可序列化类中的反序列化方法
此漏洞所产生的影响其严重程序取决于这些类的反序列化逻辑
0
JBoss RichFaces
厂商解决方案
用户可参考如下厂商提供的安全公告获得补丁信息:
https://rhn.redhat.com/errata/RHSA-2013-1041.html
https://rhn.redhat.com/errata/RHSA-2013-1042.html
https://rhn.redhat.com/errata/RHSA-2013-1043.html
https://rhn.redhat.com/errata/RHSA-2013-1044.html
https://rhn.redhat.com/errata/RHSA-2013-1045.html
Related
nessus
nessus
RHEL 5 / 6 : richfaces (RHSA-2013:1042)
2013-07-11 00:00:00
RHEL 5 : jboss-seam2 (RHSA-2013:1044)
2013-07-11 00:00:00
RHEL 5 / 6 : richfaces in JBoss EWP (RHSA-2013:1043)
2014-06-28 00:00:00
prion
prion
Deserialization of untrusted data
2013-07-23 11:03:00
Deserialization of untrusted data
2020-02-06 16:15:00
ubuntucve
ubuntucve
CVE-2013-2165
2013-07-23 00:00:00
cvelist
cvelist
CVE-2013-2165
2013-07-22 19:00:00
CVE-2013-4521
2020-02-06 15:43:41
github
github
Remote code execution due to insecure deserialization
2022-05-13 01:27:59
hackerone
hackerone
U.S. Dept Of Defense: Remote Code Execution (RCE) in DoD Websites
2017-06-01 20:39:34
nvd
nvd
CVE-2013-2165
2013-07-23 11:03:11
CVE-2013-4521
2020-02-06 16:15:11
redhat
redhat
(RHSA-2013:1042) Critical: richfaces security update
2013-07-10 00:00:00
(RHSA-2013:1043) Critical: richfaces security update
2013-07-10 00:00:00
(RHSA-2013:1044) Critical: jboss-seam2 security update
2013-07-10 00:00:00
jvn
jvn
JVN#38787103: JBoss RichFaces vulnerable to remote code execution
2013-07-19 00:00:00
osv
osv
Remote code execution due to insecure deserialization
2022-05-13 01:27:59
veracode
veracode
Remote Code Execution Through Deserialization Attack
2019-01-15 08:55:59
cve
cve
CVE-2013-2165
2013-07-23 11:03:11
CVE-2013-4521
2020-02-06 16:15:11
