Description

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.

Remediation

References

CVE-2014-0248

Related Vulnerabilities

WordPress Plugin AdPlugg WordPress Ad Cross-Site Scripting (1.1.33)

WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Security Bypass (9.6.1)

Drupal Improper Access Control Vulnerability (CVE-2016-5385)

IBM WebSEAL Session Fixation Vulnerability (CVE-2018-1804)

WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Cross-Site Scripting (2.3.18)

Severity

Medium

Classification

CVE-2014-0248 CWE-94

Tags

Missing Update Known Vulnerabilities