Description

It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.

Remediation

References

CVE-2017-12189

Related Vulnerabilities

WordPress Plugin PICA Photo Gallery 'imgname' Parameter Information Disclosure (1.0)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Cross-Site Scripting (1.6.2)

WordPress Plugin Gantry 4 Framework Cross-Site Scripting (4.1.5)

WordPress Plugin post highlights 'ph_settings.php' SQL Injection (2.2)

WordPress Plugin Mingle Forum SQL Injection and Security Bypass Vulnerabilities (1.0.26)

Severity

High

Classification

CVE-2017-12189 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities