ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jboss_enterprise_application_platform | Redhat | 4.3.0 (including) | 4.3.0 (including) |
Jboss_enterprise_application_platform | Redhat | 4.3.0-cp10 (including) | 4.3.0-cp10 (including) |
Jboss_enterprise_application_platform | Redhat | 5.0.0 (including) | 5.0.0 (including) |
Jboss_enterprise_application_platform | Redhat | 5.0.1 (including) | 5.0.1 (including) |
Jboss_enterprise_application_platform | Redhat | 5.1.0 (including) | 5.1.0 (including) |
Jboss_enterprise_application_platform | Redhat | 5.1.1 (including) | 5.1.1 (including) |
Jboss_enterprise_application_platform | Redhat | 5.1.2 (including) | 5.1.2 (including) |
Jboss_enterprise_application_platform | Redhat | 5.2.0 (including) | 5.2.0 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.0.0 (including) | 5.0.0 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.0.1 (including) | 5.0.1 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.0.2 (including) | 5.0.2 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.1.0 (including) | 5.1.0 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.2.0 (including) | 5.2.0 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.3.0 (including) | 5.3.0 (including) |
Jboss_enterprise_brms_platform | Redhat | 5.3.1 (including) | 5.3.1 (including) |
Jboss_enterprise_portal_platform | Redhat | 4.3.0-cp03 (including) | 4.3.0-cp03 (including) |
Jboss_enterprise_portal_platform | Redhat | 4.3.0-cp04 (including) | 4.3.0-cp04 (including) |
Jboss_enterprise_portal_platform | Redhat | 4.3.0-cp05 (including) | 4.3.0-cp05 (including) |
Jboss_enterprise_portal_platform | Redhat | 4.3.0-cp06 (including) | 4.3.0-cp06 (including) |
Jboss_enterprise_portal_platform | Redhat | 4.3.0-cp07 (including) | 4.3.0-cp07 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.0.0 (including) | 5.0.0 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.0.1 (including) | 5.0.1 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.1.0 (including) | 5.1.0 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.1.1 (including) | 5.1.1 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.2.0 (including) | 5.2.0 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.2.1 (including) | 5.2.1 (including) |
Jboss_enterprise_portal_platform | Redhat | 5.2.2 (including) | 5.2.2 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0 (including) | 4.2.0 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0-cp01 (including) | 4.2.0-cp01 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0-cp02 (including) | 4.2.0-cp02 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0-cp03 (including) | 4.2.0-cp03 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0-cp04 (including) | 4.2.0-cp04 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0-cp05 (including) | 4.2.0-cp05 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.2.0-tp02 (including) | 4.2.0-tp02 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.3.0 (including) | 4.3.0 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.3.0-cp01 (including) | 4.3.0-cp01 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.3.0-cp02 (including) | 4.3.0-cp02 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.3.0-cp03 (including) | 4.3.0-cp03 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.3.0-cp04 (including) | 4.3.0-cp04 (including) |
Jboss_enterprise_soa_platform | Redhat | 4.3.0-cp05 (including) | 4.3.0-cp05 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.0.0 (including) | 5.0.0 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.0.1 (including) | 5.0.1 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.0.2 (including) | 5.0.2 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.1.0 (including) | 5.1.0 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.1.1 (including) | 5.1.1 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.2.0 (including) | 5.2.0 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.3.0 (including) | 5.3.0 (including) |
Jboss_enterprise_soa_platform | Redhat | 5.3.1 (including) | 5.3.1 (including) |
Jboss_enterprise_web_platform | Redhat | 5.1.0 (including) | 5.1.0 (including) |
Jboss_enterprise_web_platform | Redhat | 5.1.1 (including) | 5.1.1 (including) |
Jboss_enterprise_web_platform | Redhat | 5.1.2 (including) | 5.1.2 (including) |
Jboss_enterprise_web_platform | Redhat | 5.2.0 (including) | 5.2.0 (including) |
Jboss_operations_network | Redhat | 1.0.0 (including) | 1.0.0 (including) |
Jboss_operations_network | Redhat | 2.0.0 (including) | 2.0.0 (including) |
Jboss_operations_network | Redhat | 2.0.1 (including) | 2.0.1 (including) |
Jboss_operations_network | Redhat | 2.1.0 (including) | 2.1.0 (including) |
Jboss_operations_network | Redhat | 2.2 (including) | 2.2 (including) |
Jboss_operations_network | Redhat | 2.3 (including) | 2.3 (including) |
Jboss_operations_network | Redhat | 2.3.1 (including) | 2.3.1 (including) |
Jboss_operations_network | Redhat | 2.4 (including) | 2.4 (including) |
Jboss_operations_network | Redhat | 2.4.1 (including) | 2.4.1 (including) |
Jboss_operations_network | Redhat | 2.4.2 (including) | 2.4.2 (including) |
Jboss_operations_network | Redhat | 3.0 (including) | 3.0 (including) |
Jboss_operations_network | Redhat | 3.0.1 (including) | 3.0.1 (including) |
Jboss_operations_network | Redhat | 3.1 (including) | 3.1 (including) |
Jboss_operations_network | Redhat | 3.1.1 (including) | 3.1.1 (including) |
Jboss_operations_network | Redhat | 3.1.2 (including) | 3.1.2 (including) |
Jboss_web_framework_kit | Redhat | * | 2.2.0 (including) |
Jboss_web_framework_kit | Redhat | 1.0.0 (including) | 1.0.0 (including) |
Jboss_web_framework_kit | Redhat | 1.1.0 (including) | 1.1.0 (including) |
Jboss_web_framework_kit | Redhat | 1.2.0 (including) | 1.2.0 (including) |
Jboss_web_framework_kit | Redhat | 2.0.0 (including) | 2.0.0 (including) |
Jboss_web_framework_kit | Redhat | 2.1.0 (including) | 2.1.0 (including) |
Richfaces | Redhat | 3.1.0 (including) | 3.1.0 (including) |
Richfaces | Redhat | 3.1.1 (including) | 3.1.1 (including) |
Richfaces | Redhat | 3.1.2 (including) | 3.1.2 (including) |
Richfaces | Redhat | 3.1.3 (including) | 3.1.3 (including) |
Richfaces | Redhat | 3.1.4 (including) | 3.1.4 (including) |
Richfaces | Redhat | 3.1.5 (including) | 3.1.5 (including) |
Richfaces | Redhat | 3.1.6 (including) | 3.1.6 (including) |
Richfaces | Redhat | 3.2.0 (including) | 3.2.0 (including) |
Richfaces | Redhat | 3.2.0-sr1 (including) | 3.2.0-sr1 (including) |
Richfaces | Redhat | 3.2.1 (including) | 3.2.1 (including) |
Richfaces | Redhat | 3.2.2 (including) | 3.2.2 (including) |
Richfaces | Redhat | 3.3.0 (including) | 3.3.0 (including) |
Richfaces | Redhat | 3.3.1 (including) | 3.3.1 (including) |
Richfaces | Redhat | 3.3.2 (including) | 3.3.2 (including) |
Richfaces | Redhat | 3.3.2-sr1 (including) | 3.3.2-sr1 (including) |
Richfaces | Redhat | 3.3.3 (including) | 3.3.3 (including) |
Richfaces | Redhat | 4.0.0 (including) | 4.0.0 (including) |
Richfaces | Redhat | 4.1.0 (including) | 4.1.0 (including) |
Richfaces | Redhat | 4.2.0 (including) | 4.2.0 (including) |
Richfaces | Redhat | 4.2.1 (including) | 4.2.1 (including) |
Richfaces | Redhat | 4.2.2 (including) | 4.2.2 (including) |
Richfaces | Redhat | 4.2.3 (including) | 4.2.3 (including) |
Richfaces | Redhat | 4.3.0 (including) | 4.3.0 (including) |
Richfaces | Redhat | 4.3.1 (including) | 4.3.1 (including) |
Richfaces | Redhat | 4.5.0-alpha1 (including) | 4.5.0-alpha1 (including) |
Richfaces | Redhat | 5.0.0-alpha1 (including) | 5.0.0-alpha1 (including) |