CVE-2007-6433

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://jira.jboss.com/jira/browse/JBSEAM-2084	Exploit
http://osvdb.org/42631
http://secunia.com/advisories/28077	Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=549490&group_id=22866
http://www.redhat.com/support/errata/RHSA-2008-0151.html
http://www.redhat.com/support/errata/RHSA-2008-0158.html
http://www.redhat.com/support/errata/RHSA-2008-0213.html
http://www.securityfocus.com/bid/26850
http://www.vupen.com/english/advisories/2007/4215

Configurations

Configuration 1 (hide)

cpe:2.3:a:jboss:seam:*:cr2:*:*:*:*:*:*

History

No history.

Information

Published : 2007-12-18 20:46

Updated : 2024-02-04 17:13

NVD link : CVE-2007-6433

Mitre link : CVE-2007-6433

CVE.ORG link : CVE-2007-6433

JSON object : View

Products Affected

jboss

seam

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2007-6433", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-18T20:46:00.000", "references": [{"url": "http://jira.jboss.com/jira/browse/JBSEAM-2084", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/42631", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28077", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=549490&group_id=22866", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0151.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0158.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0213.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26850", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/4215", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter."}, {"lang": "es", "value": "El m\u00e9todo getRenderedEjbql en la clase org.jboss.seam.framework.Query en JBoss Seam 2.x anterior a 2.0.0.CR3 permite a atacantes remotos inyectar y ejecutar comandos EJBQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro order."}], "lastModified": "2011-03-08T03:02:43.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jboss:seam:*:cr2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E033DC4-03D2-402A-A176-1CDA4C446C44", "versionEndIncluding": "2.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}