SB2018092411 - Red Hat update for Red Hat JBoss Enterprise Application Platform 6.4.21 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018092411

SB2018092411 - Red Hat update for Red Hat JBoss Enterprise Application Platform 6.4.21

Published: September 24, 2018

Security Bulletin ID SB2018092411
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 20% Low 80%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2017-2582)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists in the StaxParserUtil class of the Picketlink feature due to improper parsing of Security Assertion Markup Language (SAML) messages. A remote attacker can send a specially crafted SAML request that submits malicious input and access sensitive information, such as values of system properties.


2) Privilege escalation (CVE-ID: CVE-2017-7536)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to the security manager's reflective permissions are granted to Hibernate Validator. A local attacker can allow the calling code to access private members without the permission, validate an invalid instance, access the private member value via ConstraintViolation#getInvalidValue() and gain execute arbitrary code with elevated privileges.

3) Information disclosure (CVE-ID: CVE-2018-13366)

The vulnerability allows a remote to obtain potentially sensitive information.

The weakness exists due to Fortigate PPTP service reveals serial number of FortiGate in the hostname field defined in connection control setup packets of PPTP protocol. A remote attacker can gain access to arbitrary data.

4) Infinite loop (CVE-ID: CVE-2018-1336)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper handing of overflow in the UTF-8 decoder with supplementary characters. A remote attacker can send trigger an infinite loop in the decoder and cause the service to crash.


5) Uncontrolled memory allocation (CVE-ID: CVE-2018-10237)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to unbounded memory allocation. A remote attacker can cause the service to crash and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

Remediation

Install update from vendor's website.

References