CVE-2012-1154
N/A
N/A
Summary
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://rhn.redhat.com/errata/RHSA-2012-1012.html
- http://rhn.redhat.com/errata/RHSA-2012-1166.html
- http://rhn.redhat.com/errata/RHSA-2012-1052.html
- http://rhn.redhat.com/errata/RHSA-2012-1053.html
- https://issues.jboss.org/browse/MODCLUSTER-253
- http://secunia.com/advisories/49636
- https://bugzilla.redhat.com/show_bug.cgi?id=802200
- http://rhn.redhat.com/errata/RHSA-2012-1010.html
- http://rhn.redhat.com/errata/RHSA-2012-1011.html
- https://community.jboss.org/message/624018
References
- http://rhn.redhat.com/errata/RHSA-2012-1012.html
- http://rhn.redhat.com/errata/RHSA-2012-1166.html
- http://rhn.redhat.com/errata/RHSA-2012-1052.html
- http://rhn.redhat.com/errata/RHSA-2012-1053.html
- https://issues.jboss.org/browse/MODCLUSTER-253
- http://secunia.com/advisories/49636
- https://bugzilla.redhat.com/show_bug.cgi?id=802200
- http://rhn.redhat.com/errata/RHSA-2012-1010.html
- http://rhn.redhat.com/errata/RHSA-2012-1011.html
- https://community.jboss.org/message/624018
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.